tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tcptraceroute | Michael_c._toren | * | 1.4 (including) |