Lucene search
MitreCVE-2001-1036HistoryApr 02, 2003 - 5:00 a.m.
CVE-2001-1036
2003-04-0205:00:00
mitre
web.nvd.nist.gov
31
gnu
locate
findutils 4.1
slackware
locatedb
gain privileges
process memory
cve-2001-1036
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
High
EPSS
0
Percentile
0.4%
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
Affected configurations
Node
gnufindutilsMatch4.0
ORgnufindutilsMatch4.1
Node
slackwareslackware_linuxMatch7.1
ORslackwareslackware_linuxMatch8.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gnu | findutils | 4.0 | cpe:2.3:a:gnu:findutils:4.0:*:*:*:*:*:*:* |
| gnu | findutils | 4.1 | cpe:2.3:a:gnu:findutils:4.1:*:*:*:*:*:*:* |
| slackware | slackware_linux | 7.1 | cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:* |
| slackware | slackware_linux | 8.0 | cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
GNU findutils 4.0/4.1 - Locate Arbitrary Command Execution
2001-08-01 00:00:00
cvelist
cvelist
CVE-2001-1036
2003-04-02 05:00:00
CVE-2007-2452
2007-06-04 16:00:00
nvd
nvd
CVE-2001-1036
2001-08-31 04:00:00
CVE-2007-2452
2007-06-04 16:30:00
debiancve
debiancve
CVE-2007-2452
2007-06-04 16:30:00
redhatcve
redhatcve
CVE-2007-2452
2015-10-30 10:29:32
ubuntucve
ubuntucve
CVE-2007-2452
2007-06-04 00:00:00
cve
cve
CVE-2007-2452
2007-06-04 16:30:00
prion
prion
Heap overflow
2007-06-04 16:30:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
High
EPSS
0
Percentile
0.4%
Related for CVE-2001-1036