CVE-2001-1036 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2001-1036

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.

Affected Software

Name	Vendor	Start Version	End Version
Findutils	Gnu	4.0 (including)	4.0 (including)
Findutils	Gnu	4.1 (including)	4.1 (including)

References

http://www.osvdb.org/5477
http://www.securityfocus.com/archive/1/200991
http://www.securityfocus.com/bid/3127
https://exchange.xforce.ibmcloud.com/vulnerabilities/6932
http://www.osvdb.org/5477
http://www.securityfocus.com/archive/1/200991
http://www.securityfocus.com/bid/3127
https://exchange.xforce.ibmcloud.com/vulnerabilities/6932