CVE-2001-1036

CVE Database · CVE-2001-1036

CVE-2001-1036

· N/AModified

CVSS v3.1

N/A

EPSS

0.90%

Published

Aug 31, 2001

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBGNU findutils 4.0/4.1 - Locate Arbitrary Command Execution

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.

Affected Products (4)

gnu · findutilsvulnerable

slackware · slackware_linuxvulnerable

References (8)

http://www.osvdb.org/5477

http://www.securityfocus.com/archive/1/200991

http://www.securityfocus.com/bid/3127

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6932

http://www.osvdb.org/5477

http://www.securityfocus.com/archive/1/200991

http://www.securityfocus.com/bid/3127

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6932

KEV Catalog EPSS Scores Vendors All CVEs