Unrated severityNVD Advisory· Published Aug 31, 2001· Updated Apr 16, 2026

CVE-2001-1036

Description

GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.

Affected products

GNU/Findutils2 versions
cpe:2.3:a:gnu:findutils:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gnu:findutils:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:findutils:4.1:*:*:*:*:*:*:*
Slackware/Slackware Linux2 versions
cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/3127nvdExploitVendor Advisory
www.osvdb.org/5477nvd
www.securityfocus.com/archive/1/200991nvd
exchange.xforce.ibmcloud.com/vulnerabilities/6932nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000