CVE-2003-0671

2003-08-27T04:00:00
ID CVE-2003-0671
Type cve
Reporter cve@mitre.org
Modified 2008-09-10T19:20:00

Description

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.