GNU findutils 4.0/4.1 - Locate Arbitrary Command Execution

// source: https://www.securityfocus.com/bid/3127/info GNU locate is an application that searches file databases for file names that match user-supplied patterns. A boundary condition error can occur when the program reads database files composed in an "old" format, produced by GNU locate prior t...

GNU findutils 4.04.1 - Locate Arbitrary Command Execution

GNU findutils 4.04.1 - Locate Arbitrary Command Execution // source: https://www.securityfocus.com/bid/3127/info GNU locate is an application that searches file databases for file names that match user-supplied patterns. A boundary condition error can occur when the program reads database files...

CVE-2001-0066

Secure Locate slocate allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer...

Re: [MSY] S(ecure)Locate heap corruption vulnerability

On Sun, Nov 26, 2000 at 11:38:25PM +0100, Michel Kaempf wrote: The author, Kevin Lindsay, was contacted and confirmed Secure Locate v2.3 is not affected by the vulnerability described in this advisory. Every Secure Locate version, from 1.4 included to 2.2 included, is affected by the problem, and...

[MSY] S(ecure)Locate heap corruption vulnerability

--------------- MasterSecuritY www.mastersecurity.fr --------------- ------------ SecureLocate heap corruption vulnerability ------------ ---------- By Michel "MaXX" Kaempf [email protected] ---------- -- 0x00 - Table of contents ------------------------------------------ 0x01 - Overview 0x0...

ftpd.locate.findutils.txt

Date: Fri, 30 Apr 1999 11:07:20 +0300 From: Sergey V. Kolychev To: [email protected] Subject: Buffer overflow in ftpd and locate bug Hi. I had problem with locate from findutils-4.1.24.rpm from Redhat-5.1 It segfaults if we have huge directory at incoming ftp which created by exploits for ftpd...