CVE-2007-0227 Information

Description

slocate 3.1 does not properly manage database entries that specify names of files in protected directories which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7.

Reference

http://osvdb.org/33465 http://www.securityfocus.com/archive/1/456489/100/0/threaded http://www.securityfocus.com/archive/1/456530/100/0/threaded http://www.securityfocus.com/archive/1/456593/100/0/threaded http://www.securityfocus.com/archive/1/456739/100/0/threaded http://www.securityfocus.com/archive/1/464220/30/7320/threaded http://www.securityfocus.com/bid/21989 http://www.ubuntu.com/usn/usn-425-1