CVE-2001-1036

Published: Aug 31, 2001Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.

Affected (4)

Products: Gnu: Findutils · Slackware: Slackware Linux

1 product

1 product

Slackware Linux

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Gnu Findutils	Version 4.0
Gnu Findutils	Version 4.1

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Slackware Slackware Linux	Version 7.1
Slackware Slackware Linux	Version 8.0

References (8)

http://www.osvdb.org/5477

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/200991

Source: cve@mitre.org

http://www.securityfocus.com/bid/3127

Source: cve@mitre.org

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6932

Source: cve@mitre.org

http://www.osvdb.org/5477

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/200991

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3127

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6932

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.