CVE-2003-0848

N/A Unknown
Published: November 17, 2003 Modified: April 16, 2026
View on NVD

Description

Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt
Source: cve@mitre.org
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc
Source: cve@mitre.org
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
Source: cve@mitre.org
http://marc.info/?l=bugtraq&m=106546447321274&w=2
Source: cve@mitre.org
http://marc.info/?l=bugtraq&m=106589631819348&w=2
Source: cve@mitre.org
http://rhn.redhat.com/errata/RHSA-2004-040.html
Source: cve@mitre.org
http://secunia.com/advisories/10670
Source: cve@mitre.org
http://secunia.com/advisories/10683
Source: cve@mitre.org
http://secunia.com/advisories/10686
Source: cve@mitre.org
http://secunia.com/advisories/10698
Source: cve@mitre.org
http://secunia.com/advisories/10702
Source: cve@mitre.org
http://secunia.com/advisories/10720
Source: cve@mitre.org
http://secunia.com/advisories/10722
Source: cve@mitre.org
http://secunia.com/advisories/9962/
Source: cve@mitre.org
http://www.debian.org/security/2004/dsa-428
Source: cve@mitre.org
Patch Vendor Advisory
http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt
Source: cve@mitre.org
http://www.ebitech.sk/patrik/SA/SA-20031006.txt
Source: cve@mitre.org
http://www.mandriva.com/security/advisories?name=MDKSA-2004:004
Source: cve@mitre.org
http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2004-041.html
Source: cve@mitre.org
http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821
Source: cve@mitre.org
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt
Source: af854a3a-2127-422b-91ae-364da2661108
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc
Source: af854a3a-2127-422b-91ae-364da2661108
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=bugtraq&m=106546447321274&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=bugtraq&m=106589631819348&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2004-040.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/10670
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/10683
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/10686
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/10698
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/10702
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/10720
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/10722
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/9962/
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2004/dsa-428
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ebitech.sk/patrik/SA/SA-20031006.txt
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2004:004
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2004-041.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821
Source: af854a3a-2127-422b-91ae-364da2661108

46 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.4%
59th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

slocate