findutils
Page content
- Author: voroskoi
- Vulnerable: 4.3.2-1
- Unaffected: 4.3.2-2terminus1
A vulnerability has been reported in GNU findutils, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error when parsing “old” style formatted locate databases. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into running locate on a specially crafted “old” style database containing an overly long path (more than 1026 bytes).
- Bug Tracker URL: http://bugs.frugalware.org/task/2128