Oracle Solaris Third-Party Patch Update : slocate (cve_2007_0227_information_disclosure)
Medium Nessus Plugin ID 80771
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that the issue is not present in slocate 2.7. (CVE-2007-0227)
SolutionUpgrade to Solaris 220.127.116.11.0.