Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for slocate by slocate
CVE-2007-0227 (GCVE-0-2007-0227)
Vulnerability from nvd – Published: 2007-01-13 02:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2007-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33465",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33465"
},
{
"name": "20070112 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456739/100/0/threaded"
},
{
"name": "21989",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21989"
},
{
"name": "20070110 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456530/100/0/threaded"
},
{
"name": "20070110 slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456489/100/0/threaded"
},
{
"name": "20070111 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456593/100/0/threaded"
},
{
"name": "20070329 FLEA-2007-0005-1: slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464220/30/7320/threaded"
},
{
"name": "USN-425-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-425-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33465",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33465"
},
{
"name": "20070112 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456739/100/0/threaded"
},
{
"name": "21989",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21989"
},
{
"name": "20070110 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456530/100/0/threaded"
},
{
"name": "20070110 slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456489/100/0/threaded"
},
{
"name": "20070111 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456593/100/0/threaded"
},
{
"name": "20070329 FLEA-2007-0005-1: slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464220/30/7320/threaded"
},
{
"name": "USN-425-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-425-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33465",
"refsource": "OSVDB",
"url": "http://osvdb.org/33465"
},
{
"name": "20070112 Re: slocate leaks filenames of protected directories",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456739/100/0/threaded"
},
{
"name": "21989",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21989"
},
{
"name": "20070110 Re: slocate leaks filenames of protected directories",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456530/100/0/threaded"
},
{
"name": "20070110 slocate leaks filenames of protected directories",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456489/100/0/threaded"
},
{
"name": "20070111 Re: slocate leaks filenames of protected directories",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456593/100/0/threaded"
},
{
"name": "20070329 FLEA-2007-0005-1: slocate",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464220/30/7320/threaded"
},
{
"name": "USN-425-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-425-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0227",
"datePublished": "2007-01-13T02:00:00.000Z",
"dateReserved": "2007-01-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:12:17.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2499 (GCVE-0-2005-2499)
Vulnerability from nvd – Published: 2005-08-22 04:00 – Updated: 2024-08-07 22:30
VLAI?
Summary
slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2005-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1014751",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014751"
},
{
"name": "19034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19034"
},
{
"name": "oval:org.mitre.oval:def:9538",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9538"
},
{
"name": "RHSA-2005:346",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-346.html"
},
{
"name": "slocate-directory-structure-dos(22316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22316"
},
{
"name": "14640",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14640"
},
{
"name": "RHSA-2005:345",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-345.html"
},
{
"name": "RHSA-2005:747",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-747.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1014751",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014751"
},
{
"name": "19034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19034"
},
{
"name": "oval:org.mitre.oval:def:9538",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9538"
},
{
"name": "RHSA-2005:346",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-346.html"
},
{
"name": "slocate-directory-structure-dos(22316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22316"
},
{
"name": "14640",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14640"
},
{
"name": "RHSA-2005:345",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-345.html"
},
{
"name": "RHSA-2005:747",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-747.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2499",
"datePublished": "2005-08-22T04:00:00.000Z",
"dateReserved": "2005-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0848 (GCVE-0-2003-0848)
Vulnerability from nvd – Published: 2003-10-09 04:00 – Updated: 2024-08-08 02:05
VLAI?
Summary
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Date Public ?
2003-10-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2004-001.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "RHSA-2004:040",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-040.html"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt"
},
{
"name": "10720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10720"
},
{
"name": "10686",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10686"
},
{
"name": "10722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10722"
},
{
"name": "MDKSA-2004:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:004"
},
{
"name": "10702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10702"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006.txt"
},
{
"name": "DSA-428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-428"
},
{
"name": "20031011 SA-20031006 slocate buffer overflow - exploitation proof",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106589631819348\u0026w=2"
},
{
"name": "10683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10683"
},
{
"name": "9962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9962/"
},
{
"name": "FEDORA-2004-059",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html"
},
{
"name": "oval:org.mitre.oval:def:11033",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033"
},
{
"name": "10670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10670"
},
{
"name": "20031006 SA-20031006 slocate vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106546447321274\u0026w=2"
},
{
"name": "10698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10698"
},
{
"name": "2004-0005",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt"
},
{
"name": "oval:org.mitre.oval:def:821",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative \"pathlen\" value to be used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2004-001.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "RHSA-2004:040",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-040.html"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt"
},
{
"name": "10720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10720"
},
{
"name": "10686",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10686"
},
{
"name": "10722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10722"
},
{
"name": "MDKSA-2004:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:004"
},
{
"name": "10702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10702"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006.txt"
},
{
"name": "DSA-428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-428"
},
{
"name": "20031011 SA-20031006 slocate buffer overflow - exploitation proof",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106589631819348\u0026w=2"
},
{
"name": "10683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10683"
},
{
"name": "9962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9962/"
},
{
"name": "FEDORA-2004-059",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html"
},
{
"name": "oval:org.mitre.oval:def:11033",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033"
},
{
"name": "10670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10670"
},
{
"name": "20031006 SA-20031006 slocate vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106546447321274\u0026w=2"
},
{
"name": "10698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10698"
},
{
"name": "2004-0005",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt"
},
{
"name": "oval:org.mitre.oval:def:821",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative \"pathlen\" value to be used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2004-001.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt"
},
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "RHSA-2004:040",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2004-040.html"
},
{
"name": "20040201-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:041",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-041.html"
},
{
"name": "http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt",
"refsource": "MISC",
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt"
},
{
"name": "10720",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10720"
},
{
"name": "10686",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10686"
},
{
"name": "10722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10722"
},
{
"name": "MDKSA-2004:004",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:004"
},
{
"name": "10702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10702"
},
{
"name": "http://www.ebitech.sk/patrik/SA/SA-20031006.txt",
"refsource": "MISC",
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006.txt"
},
{
"name": "DSA-428",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-428"
},
{
"name": "20031011 SA-20031006 slocate buffer overflow - exploitation proof",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106589631819348\u0026w=2"
},
{
"name": "10683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10683"
},
{
"name": "9962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9962/"
},
{
"name": "FEDORA-2004-059",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html"
},
{
"name": "oval:org.mitre.oval:def:11033",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033"
},
{
"name": "10670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10670"
},
{
"name": "20031006 SA-20031006 slocate vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106546447321274\u0026w=2"
},
{
"name": "10698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10698"
},
{
"name": "2004-0005",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt"
},
{
"name": "oval:org.mitre.oval:def:821",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0848",
"datePublished": "2003-10-09T04:00:00.000Z",
"dateReserved": "2003-10-08T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0326 (GCVE-0-2003-0326)
Vulnerability from nvd – Published: 2003-05-22 04:00 – Updated: 2024-08-08 01:50
VLAI?
Summary
Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to malloc.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Date Public ?
2003-05-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:47.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030519 bazarr slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105337692202626\u0026w=2"
},
{
"name": "7629",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7629"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of \":\" (colon) characters, whose count is used in a call to malloc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030519 bazarr slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105337692202626\u0026w=2"
},
{
"name": "7629",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7629"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of \":\" (colon) characters, whose count is used in a call to malloc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030519 bazarr slocate",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105337692202626\u0026w=2"
},
{
"name": "7629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7629"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0326",
"datePublished": "2003-05-22T04:00:00.000Z",
"dateReserved": "2003-05-19T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:50:47.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0056 (GCVE-0-2003-0056)
Vulnerability from nvd – Published: 2003-02-01 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2003-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8236"
},
{
"name": "CLA-2003:643",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://www.net-security.org/advisory.php?id=2010"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "7982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7982"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.usg.org.uk/advisories/2003.001.txt"
},
{
"name": "MDKSA-2003:015",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:015"
},
{
"name": "10720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10720"
},
{
"name": "DSA-252",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-252"
},
{
"name": "20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104348607205691\u0026w=2"
},
{
"name": "20030202 GLSA: slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104428624705363\u0026w=2"
},
{
"name": "8118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8118/"
},
{
"name": "oval:org.mitre.oval:def:11369",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369"
},
{
"name": "RHSA-2004:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-041.html"
},
{
"name": "20030124 [USG- SA- 2003.001] USG Security Advisory (slocate)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104342864418213\u0026w=2"
},
{
"name": "8749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8749"
},
{
"name": "CSSA-2003-009.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txt"
},
{
"name": "7947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7947"
},
{
"name": "8007",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8236"
},
{
"name": "CLA-2003:643",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://www.net-security.org/advisory.php?id=2010"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "7982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7982"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.usg.org.uk/advisories/2003.001.txt"
},
{
"name": "MDKSA-2003:015",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:015"
},
{
"name": "10720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10720"
},
{
"name": "DSA-252",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-252"
},
{
"name": "20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104348607205691\u0026w=2"
},
{
"name": "20030202 GLSA: slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104428624705363\u0026w=2"
},
{
"name": "8118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8118/"
},
{
"name": "oval:org.mitre.oval:def:11369",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369"
},
{
"name": "RHSA-2004:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-041.html"
},
{
"name": "20030124 [USG- SA- 2003.001] USG Security Advisory (slocate)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104342864418213\u0026w=2"
},
{
"name": "8749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8749"
},
{
"name": "CSSA-2003-009.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txt"
},
{
"name": "7947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7947"
},
{
"name": "8007",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8236"
},
{
"name": "CLA-2003:643",
"refsource": "CONECTIVA",
"url": "http://www.net-security.org/advisory.php?id=2010"
},
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "7982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7982"
},
{
"name": "http://www.usg.org.uk/advisories/2003.001.txt",
"refsource": "MISC",
"url": "http://www.usg.org.uk/advisories/2003.001.txt"
},
{
"name": "MDKSA-2003:015",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:015"
},
{
"name": "10720",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10720"
},
{
"name": "DSA-252",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-252"
},
{
"name": "20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104348607205691\u0026w=2"
},
{
"name": "20030202 GLSA: slocate",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104428624705363\u0026w=2"
},
{
"name": "8118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8118/"
},
{
"name": "oval:org.mitre.oval:def:11369",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369"
},
{
"name": "RHSA-2004:041",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2004-041.html"
},
{
"name": "20030124 [USG- SA- 2003.001] USG Security Advisory (slocate)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104342864418213\u0026w=2"
},
{
"name": "8749",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8749"
},
{
"name": "CSSA-2003-009.0",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txt"
},
{
"name": "7947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7947"
},
{
"name": "8007",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0056",
"datePublished": "2003-02-01T05:00:00.000Z",
"dateReserved": "2003-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:43:35.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0227 (GCVE-0-2007-0227)
Vulnerability from cvelistv5 – Published: 2007-01-13 02:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2007-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33465",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33465"
},
{
"name": "20070112 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456739/100/0/threaded"
},
{
"name": "21989",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21989"
},
{
"name": "20070110 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456530/100/0/threaded"
},
{
"name": "20070110 slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456489/100/0/threaded"
},
{
"name": "20070111 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456593/100/0/threaded"
},
{
"name": "20070329 FLEA-2007-0005-1: slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464220/30/7320/threaded"
},
{
"name": "USN-425-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-425-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33465",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33465"
},
{
"name": "20070112 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456739/100/0/threaded"
},
{
"name": "21989",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21989"
},
{
"name": "20070110 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456530/100/0/threaded"
},
{
"name": "20070110 slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456489/100/0/threaded"
},
{
"name": "20070111 Re: slocate leaks filenames of protected directories",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456593/100/0/threaded"
},
{
"name": "20070329 FLEA-2007-0005-1: slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464220/30/7320/threaded"
},
{
"name": "USN-425-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-425-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33465",
"refsource": "OSVDB",
"url": "http://osvdb.org/33465"
},
{
"name": "20070112 Re: slocate leaks filenames of protected directories",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456739/100/0/threaded"
},
{
"name": "21989",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21989"
},
{
"name": "20070110 Re: slocate leaks filenames of protected directories",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456530/100/0/threaded"
},
{
"name": "20070110 slocate leaks filenames of protected directories",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456489/100/0/threaded"
},
{
"name": "20070111 Re: slocate leaks filenames of protected directories",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456593/100/0/threaded"
},
{
"name": "20070329 FLEA-2007-0005-1: slocate",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464220/30/7320/threaded"
},
{
"name": "USN-425-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-425-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0227",
"datePublished": "2007-01-13T02:00:00.000Z",
"dateReserved": "2007-01-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:12:17.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2499 (GCVE-0-2005-2499)
Vulnerability from cvelistv5 – Published: 2005-08-22 04:00 – Updated: 2024-08-07 22:30
VLAI?
Summary
slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2005-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1014751",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014751"
},
{
"name": "19034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19034"
},
{
"name": "oval:org.mitre.oval:def:9538",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9538"
},
{
"name": "RHSA-2005:346",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-346.html"
},
{
"name": "slocate-directory-structure-dos(22316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22316"
},
{
"name": "14640",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14640"
},
{
"name": "RHSA-2005:345",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-345.html"
},
{
"name": "RHSA-2005:747",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-747.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1014751",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014751"
},
{
"name": "19034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19034"
},
{
"name": "oval:org.mitre.oval:def:9538",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9538"
},
{
"name": "RHSA-2005:346",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-346.html"
},
{
"name": "slocate-directory-structure-dos(22316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22316"
},
{
"name": "14640",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14640"
},
{
"name": "RHSA-2005:345",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-345.html"
},
{
"name": "RHSA-2005:747",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-747.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2499",
"datePublished": "2005-08-22T04:00:00.000Z",
"dateReserved": "2005-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0848 (GCVE-0-2003-0848)
Vulnerability from cvelistv5 – Published: 2003-10-09 04:00 – Updated: 2024-08-08 02:05
VLAI?
Summary
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2003-10-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2004-001.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "RHSA-2004:040",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-040.html"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt"
},
{
"name": "10720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10720"
},
{
"name": "10686",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10686"
},
{
"name": "10722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10722"
},
{
"name": "MDKSA-2004:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:004"
},
{
"name": "10702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10702"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006.txt"
},
{
"name": "DSA-428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-428"
},
{
"name": "20031011 SA-20031006 slocate buffer overflow - exploitation proof",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106589631819348\u0026w=2"
},
{
"name": "10683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10683"
},
{
"name": "9962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9962/"
},
{
"name": "FEDORA-2004-059",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html"
},
{
"name": "oval:org.mitre.oval:def:11033",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033"
},
{
"name": "10670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10670"
},
{
"name": "20031006 SA-20031006 slocate vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106546447321274\u0026w=2"
},
{
"name": "10698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10698"
},
{
"name": "2004-0005",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt"
},
{
"name": "oval:org.mitre.oval:def:821",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative \"pathlen\" value to be used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2004-001.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "RHSA-2004:040",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-040.html"
},
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt"
},
{
"name": "10720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10720"
},
{
"name": "10686",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10686"
},
{
"name": "10722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10722"
},
{
"name": "MDKSA-2004:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:004"
},
{
"name": "10702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10702"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006.txt"
},
{
"name": "DSA-428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-428"
},
{
"name": "20031011 SA-20031006 slocate buffer overflow - exploitation proof",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106589631819348\u0026w=2"
},
{
"name": "10683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10683"
},
{
"name": "9962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9962/"
},
{
"name": "FEDORA-2004-059",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html"
},
{
"name": "oval:org.mitre.oval:def:11033",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033"
},
{
"name": "10670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10670"
},
{
"name": "20031006 SA-20031006 slocate vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106546447321274\u0026w=2"
},
{
"name": "10698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10698"
},
{
"name": "2004-0005",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt"
},
{
"name": "oval:org.mitre.oval:def:821",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative \"pathlen\" value to be used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2004-001.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt"
},
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "RHSA-2004:040",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2004-040.html"
},
{
"name": "20040201-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "RHSA-2004:041",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-041.html"
},
{
"name": "http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt",
"refsource": "MISC",
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt"
},
{
"name": "10720",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10720"
},
{
"name": "10686",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10686"
},
{
"name": "10722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10722"
},
{
"name": "MDKSA-2004:004",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:004"
},
{
"name": "10702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10702"
},
{
"name": "http://www.ebitech.sk/patrik/SA/SA-20031006.txt",
"refsource": "MISC",
"url": "http://www.ebitech.sk/patrik/SA/SA-20031006.txt"
},
{
"name": "DSA-428",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-428"
},
{
"name": "20031011 SA-20031006 slocate buffer overflow - exploitation proof",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106589631819348\u0026w=2"
},
{
"name": "10683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10683"
},
{
"name": "9962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9962/"
},
{
"name": "FEDORA-2004-059",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html"
},
{
"name": "oval:org.mitre.oval:def:11033",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033"
},
{
"name": "10670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10670"
},
{
"name": "20031006 SA-20031006 slocate vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106546447321274\u0026w=2"
},
{
"name": "10698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10698"
},
{
"name": "2004-0005",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt"
},
{
"name": "oval:org.mitre.oval:def:821",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0848",
"datePublished": "2003-10-09T04:00:00.000Z",
"dateReserved": "2003-10-08T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:05:12.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0326 (GCVE-0-2003-0326)
Vulnerability from cvelistv5 – Published: 2003-05-22 04:00 – Updated: 2024-08-08 01:50
VLAI?
Summary
Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to malloc.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Date Public ?
2003-05-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:47.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030519 bazarr slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105337692202626\u0026w=2"
},
{
"name": "7629",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7629"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of \":\" (colon) characters, whose count is used in a call to malloc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030519 bazarr slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105337692202626\u0026w=2"
},
{
"name": "7629",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7629"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of \":\" (colon) characters, whose count is used in a call to malloc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030519 bazarr slocate",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105337692202626\u0026w=2"
},
{
"name": "7629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7629"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0326",
"datePublished": "2003-05-22T04:00:00.000Z",
"dateReserved": "2003-05-19T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:50:47.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0056 (GCVE-0-2003-0056)
Vulnerability from cvelistv5 – Published: 2003-02-01 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2003-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8236"
},
{
"name": "CLA-2003:643",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://www.net-security.org/advisory.php?id=2010"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "7982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7982"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.usg.org.uk/advisories/2003.001.txt"
},
{
"name": "MDKSA-2003:015",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:015"
},
{
"name": "10720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10720"
},
{
"name": "DSA-252",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-252"
},
{
"name": "20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104348607205691\u0026w=2"
},
{
"name": "20030202 GLSA: slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104428624705363\u0026w=2"
},
{
"name": "8118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8118/"
},
{
"name": "oval:org.mitre.oval:def:11369",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369"
},
{
"name": "RHSA-2004:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-041.html"
},
{
"name": "20030124 [USG- SA- 2003.001] USG Security Advisory (slocate)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104342864418213\u0026w=2"
},
{
"name": "8749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8749"
},
{
"name": "CSSA-2003-009.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txt"
},
{
"name": "7947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7947"
},
{
"name": "8007",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8236"
},
{
"name": "CLA-2003:643",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://www.net-security.org/advisory.php?id=2010"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "7982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7982"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.usg.org.uk/advisories/2003.001.txt"
},
{
"name": "MDKSA-2003:015",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:015"
},
{
"name": "10720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10720"
},
{
"name": "DSA-252",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-252"
},
{
"name": "20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104348607205691\u0026w=2"
},
{
"name": "20030202 GLSA: slocate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104428624705363\u0026w=2"
},
{
"name": "8118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8118/"
},
{
"name": "oval:org.mitre.oval:def:11369",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369"
},
{
"name": "RHSA-2004:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-041.html"
},
{
"name": "20030124 [USG- SA- 2003.001] USG Security Advisory (slocate)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104342864418213\u0026w=2"
},
{
"name": "8749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8749"
},
{
"name": "CSSA-2003-009.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txt"
},
{
"name": "7947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7947"
},
{
"name": "8007",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8236"
},
{
"name": "CLA-2003:643",
"refsource": "CONECTIVA",
"url": "http://www.net-security.org/advisory.php?id=2010"
},
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "7982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7982"
},
{
"name": "http://www.usg.org.uk/advisories/2003.001.txt",
"refsource": "MISC",
"url": "http://www.usg.org.uk/advisories/2003.001.txt"
},
{
"name": "MDKSA-2003:015",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:015"
},
{
"name": "10720",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10720"
},
{
"name": "DSA-252",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-252"
},
{
"name": "20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104348607205691\u0026w=2"
},
{
"name": "20030202 GLSA: slocate",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104428624705363\u0026w=2"
},
{
"name": "8118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8118/"
},
{
"name": "oval:org.mitre.oval:def:11369",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369"
},
{
"name": "RHSA-2004:041",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2004-041.html"
},
{
"name": "20030124 [USG- SA- 2003.001] USG Security Advisory (slocate)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104342864418213\u0026w=2"
},
{
"name": "8749",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8749"
},
{
"name": "CSSA-2003-009.0",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txt"
},
{
"name": "7947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7947"
},
{
"name": "8007",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0056",
"datePublished": "2003-02-01T05:00:00.000Z",
"dateReserved": "2003-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:43:35.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}