Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mtr | mtr | 0.41 |
Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mtr | mtr | 0.55 |
| mtr | mtr | 0.63 |
| mtr | mtr | 0.57 |
| mtr | mtr | 0.65 |
| mtr | mtr | 0.58 |
| mtr | mtr | 0.61 |
| mtr | mtr | 0.56 |
| mtr | mtr | 0.60 |
| mtr | mtr | 0.62 |
| mtr | mtr | 0.64 |
| mtr | mtr | 0.59 |