GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu findutils 4.0 |
||
gnu findutils 4.1 |
||
slackware slackware linux 7.1 |
||
slackware slackware linux 8.0 |