Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.55133
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2005:747
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2005:747.

Slocate is a security-enhanced version of locate. Like locate, slocate
searches through a nightly-updated central database for files that match a
given pattern.

A bug was found in the way slocate processes very long paths. A local user
could create a carefully crafted directory structure that would prevent
updatedb from completing its file system scan, resulting in an incomplete
slocate database. The Common Vulnerabilities and Exposures project has
assigned the name CVE-2005-2499 to this issue.

Users are advised to upgrade to this updated package, which includes a
backported patch to resolve this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-747.html

Risk factor : Medium

CVSS Score:
2.1

Cross-Ref: BugTraq ID: 14640
Common Vulnerability Exposure (CVE) ID: CVE-2005-2499
http://www.securityfocus.com/bid/14640
http://www.osvdb.org/19034
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9538
http://www.redhat.com/support/errata/RHSA-2005-345.html
http://www.redhat.com/support/errata/RHSA-2005-346.html
http://www.redhat.com/support/errata/RHSA-2005-747.html
http://securitytracker.com/id?1014751
XForce ISS Database: slocate-directory-structure-dos(22316)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22316
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.