[Original text] Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability.
A local overflow exists in PADS. PADS fails to properly sanitize input to the "report_file" variable, resulting in a stack overflow. If PADS is executed with a specially crafted value for the "-w" argument, an attacker can execute arbitrary commands, resulting in a loss of integrity.
Upgrade to version 1.1.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
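The copy problem described above, as an added example that is not code from pads.c: the unchecked pattern appears in a comment beside a bounded replacement that rejects over-long names. The buffer size `REPORT_FILE_MAX` and the functions `set_report_file` and `parse_report_arg` are assumptions; the page names only the `report_file` variable and the `-w` argument.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size: the page does not give the real size of report_file. */
#define REPORT_FILE_MAX 256

/* Overflow pattern the advisory describes (illustrative, not pads.c):
 *     char report_file[REPORT_FILE_MAX];
 *     strcpy(report_file, optarg);      // no length check on the -w value
 */

/* Copy arg into dst only if it fits, terminator included.
 * Returns 0 on success, -1 on NULL, empty or over-long input.
 * Over-long names are rejected rather than truncated, so the report is
 * never written to a path the user did not ask for. */
int set_report_file(char *dst, size_t dst_size, const char *arg)
{
    size_t len = 0;
    if (dst == NULL || dst_size == 0 || arg == NULL)
        return -1;
    while (len < dst_size && arg[len] != '\0')   /* bounded length scan */
        len++;
    if (len == 0 || len == dst_size)             /* empty, or no room for '\0' */
        return -1;
    memcpy(dst, arg, len + 1);                   /* copies the '\0' too */
    return 0;
}

/* Find "-w <name>" in argv and store it through set_report_file().
 * Returns 1 if stored, 0 if -w is absent, -1 if the value is missing or bad. */
int parse_report_arg(int argc, char **argv, char *dst, size_t dst_size)
{
    for (int i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-w") != 0)
            continue;
        if (i + 1 >= argc)
            return -1;
        return set_report_file(dst, dst_size, argv[i + 1]) == 0 ? 1 : -1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    char report_file[REPORT_FILE_MAX];
    int rc = parse_report_arg(argc, argv, report_file, sizeof report_file);
    if (rc < 0) { fputs("invalid -w argument\n", stderr); return 1; }
    printf("report file: %s\n", rc ? report_file : "(default)");
    return 0;
}
```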