Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode ("-t update"), might allow attackers to execute arbitrary code.
https://exchange.xforce.ibmcloud.com/vulnerabilities/18000
http://www.securityfocus.com/bid/11635