Lucene search

[email protected]CVE-2004-1224

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1224

2005-01-1005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-1224

mtr

off-by-one error

raw socket hijack

security vulnerability

6.7 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the “s” keybinding, which leaves a buffer without a NULL terminator.

CPENameOperatorVersion
mtr:mtrmtreq0.59
mtr:mtrmtreq0.55
mtr:mtrmtreq0.58
mtr:mtrmtreq0.56
mtr:mtrmtreq0.65
mtr:mtrmtreq0.60
mtr:mtrmtreq0.62
mtr:mtrmtreq0.63
mtr:mtrmtreq0.64
mtr:mtrmtreq0.57

CPE	Name	Operator	Version
mtr:mtr	mtr	eq	0.59
mtr:mtr	mtr	eq	0.55
mtr:mtr	mtr	eq	0.58
mtr:mtr	mtr	eq	0.56
mtr:mtr	mtr	eq	0.65
mtr:mtr	mtr	eq	0.60
mtr:mtr	mtr	eq	0.62
mtr:mtr	mtr	eq	0.63
mtr:mtr	mtr	eq	0.64
mtr:mtr	mtr	eq	0.57

Rows per page:

1-10 of 111

References

marc.info/?l=bugtraq&m=110279034910663&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/18428

6.7 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2004-1224

cvelist1 debiancve1