A heap-based buffer overflow in slocate can allow local users to gain "slocate" privileges via a modified slocate database that causes a negative "pathlen" value. CAN-2003-0848 Affects: FC1
This is fixed now.