Secure Locate heap corruption vulnerability

November 28, 2000

Author: JT Smith

“When running slocate, users are able to specify a database of their own as a commandline parameter. A subtle vulnerability exists in slocate’s reading of these user-supplied databases that may allow a local user to execute arbitrary code with effective gid slocate.” Full details at SecurityFocus.com.

Category:

Linux

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR