CVE Vulnerabilities

CVE-2004-1224

Published: Jan 10, 2005 | Modified: Nov 20, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the s keybinding, which leaves a buffer without a NULL terminator.

Affected Software

Name Vendor Start Version End Version
Mtr Mtr 0.55 (including) 0.55 (including)
Mtr Mtr 0.56 (including) 0.56 (including)
Mtr Mtr 0.57 (including) 0.57 (including)
Mtr Mtr 0.58 (including) 0.58 (including)
Mtr Mtr 0.59 (including) 0.59 (including)
Mtr Mtr 0.60 (including) 0.60 (including)
Mtr Mtr 0.61 (including) 0.61 (including)
Mtr Mtr 0.62 (including) 0.62 (including)
Mtr Mtr 0.63 (including) 0.63 (including)
Mtr Mtr 0.64 (including) 0.64 (including)
Mtr Mtr 0.65 (including) 0.65 (including)

References