Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2003-0056

Published: 19/02/2003 Updated: 11/10/2017
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Slocate

Vulnerability Summary

Buffer overflow in secure locate (slocate) prior to 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.

Vulnerable Product Search on Vulmon Subscribe to Product

slocate slocate 2.5

slocate slocate 2.6

Exploits

Exploit DB: slocate 2.5/2.6 - Local Buffer Overrun
source: wwwsecurityfocuscom/bid/6676/info A vulnerability has been discovered in slocate It has been reported that a buffer overrun occurs when running the slocate program with command line arguments of excessive length Specifically, it is possible to overrun a buffer in slocate by supplying excessive data as the regex ('-r') and parse ...

References

NVD-CWE-Otherhttp://www.debian.org/security/2003/dsa-252http://www.usg.org.uk/advisories/2003.001.txtftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txthttp://www.net-security.org/advisory.php?id=2010http://www.mandriva.com/security/advisories?name=MDKSA-2003:015http://rhn.redhat.com/errata/RHSA-2004-041.htmlftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.aschttp://secunia.com/advisories/7982http://secunia.com/advisories/8007http://secunia.com/advisories/8236http://secunia.com/advisories/10720http://secunia.com/advisories/7947http://secunia.com/advisories/8118/http://secunia.com/advisories/8749http://marc.info/?l=bugtraq&m=104348607205691&w=2http://marc.info/?l=bugtraq&m=104428624705363&w=2http://marc.info/?l=bugtraq&m=104342864418213&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369https://nvd.nist.govhttps://www.exploit-db.com/exploits/22197/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook