Vulnerability CVE-2005-2499
Published: 2005-08-23   Modified: 2012-02-12

Description:
slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure.

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Slocate -> Slocate 

 References:
http://www.redhat.com/support/errata/RHSA-2005-747.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9538
http://xforce.iss.net/xforce/xfdb/22316
http://www.securityfocus.com/bid/14640
http://www.redhat.com/support/errata/RHSA-2005-346.html
http://www.redhat.com/support/errata/RHSA-2005-345.html
http://www.osvdb.org/19034
http://securitytracker.com/id?1014751
Copyright 2024, cxsecurity.com

 

Back to Top