Vulnerability Details CVE-2005-2499
slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.1%
CVSS Severity
CVSS v2 Score 2.1
References
- http://securitytracker.com/id?1014751
- http://www.osvdb.org/19034
- http://www.redhat.com/support/errata/RHSA-2005-345.html
- http://www.redhat.com/support/errata/RHSA-2005-346.html
- http://www.redhat.com/support/errata/RHSA-2005-747.html
- http://www.securityfocus.com/bid/14640
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22316
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9538
- http://securitytracker.com/id?1014751
- http://www.osvdb.org/19034
- http://www.redhat.com/support/errata/RHSA-2005-345.html
- http://www.redhat.com/support/errata/RHSA-2005-346.html
- http://www.redhat.com/support/errata/RHSA-2005-747.html
- http://www.securityfocus.com/bid/14640
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22316
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9538
Products affected by CVE-2005-2499
-
cpe:2.3:a:slocate:slocate:2.1
-
cpe:2.3:a:slocate:slocate:2.2
-
cpe:2.3:a:slocate:slocate:2.3
-
cpe:2.3:a:slocate:slocate:2.4
-
cpe:2.3:a:slocate:slocate:2.5
-
cpe:2.3:a:slocate:slocate:2.6