First published: Mon Jun 04 2007(Updated: )
Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
GNU findutils | =4.2.28 | |
GNU findutils | =4.2.29 | |
GNU findutils | =4.2.30 | |
GNU findutils | =4.1 | |
GNU findutils | =4.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.