CVE-2003-0056

slocate - Buffer Overflow via Long Command Line Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0056. PoCs published by USG team.

AI-analyzed exploit summary The exploit demonstrates a buffer overflow in slocate by supplying excessively long arguments to the '-c' and '-r' command-line options. This can potentially overwrite an instruction pointer, allowing arbitrary code execution with elevated group privileges due to slocate's setgid installation.

Description

Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED
by USG team · textdoslinux
https://www.exploit-db.com/exploits/22197

The exploit demonstrates a buffer overflow in slocate by supplying excessively long arguments to the '-c' and '-r' command-line options. This can potentially overwrite an instruction pointer, allowing arbitrary code execution with elevated group privileges due to slocate's setgid installation.

Classification
Working Poc 80%
Attack Type
Lpe
Complexity
Trivial
Reliability
Theoretical
Target: slocate (version not specified)
No auth needed
Prerequisites: slocate installed with setgid privileges · ability to execute commands on the target system
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (18)

Core 18
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/8236
Various Sources vendor-advisory x_refsource_conectiva
http://www.net-security.org/advisory.php?id=2010
Vendor Advisory vendor-advisory x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/7982
Vendor Advisory x_refsource_misc
http://www.usg.org.uk/advisories/2003.001.txt
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2003:015
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/10720
Patch, Vendor Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2003/dsa-252
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104348607205691&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104428624705363&w=2
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/8118/
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2004-041.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104342864418213&w=2
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/8749
Various Sources vendor-advisory x_refsource_caldera
ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txt
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/7947
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/8007

Scores

EPSS 0.0109
EPSS Percentile 61.5%

Details

Status published
Products (2)
slocate/slocate 2.5
slocate/slocate 2.6
Published Feb 19, 2003
Tracked Since Feb 18, 2026