January 4, 2001

Conectiva Linux security announcement: slocate

Author: JT Smith

From LWN.net: "'slocate' is a program which catalogues existing files and allows for
a quick lookup later.
There is a vulnerability present in previous versions. By giving it a
crafted database, an attacker could make slocate execute arbitrary
code as the 'slocate' user.
Additionally, a bug which caused slocate to segfault with large
pathnames was fixed."


  • Linux
Click Here!