2 matches found
CVE-2001-1036
The connected records show a concrete vulnerability in GNU findutils locate prior to version 4.2.31. The flaw is a heap-based buffer overflow in the visit_old_format function (locate/locate.c) that can be triggered by a long pathname stored in a locate database using the old format, potentially a...
CVE-2001-1036
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database locatedb that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory...