Lucene search

[email protected]CVE-2008-2357

HistoryMay 21, 2008 - 1:24 p.m.

CVE-2008-2357

2008-05-2113:24:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2008

2357

stack-based buffer overflow

mtr

split_redraw

dns ptr record

remote code execution

vulnerability

glibc

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.128 Low

EPSS

Percentile

95.5%

JSON

Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the ns_name_ntop function in resolv/ns_name.c in glibc and the proper fix should be in glibc; if so, then this should not be treated as a vulnerability in mtr.

Affected configurations

NVD

Node

matt_kimball_and_roger_wolffmtrRange≤0.72

matt_kimball_and_roger_wolffmtrMatch0.21

matt_kimball_and_roger_wolffmtrMatch0.22

matt_kimball_and_roger_wolffmtrMatch0.23

matt_kimball_and_roger_wolffmtrMatch0.24

matt_kimball_and_roger_wolffmtrMatch0.25

matt_kimball_and_roger_wolffmtrMatch0.26

matt_kimball_and_roger_wolffmtrMatch0.27

matt_kimball_and_roger_wolffmtrMatch0.28

matt_kimball_and_roger_wolffmtrMatch0.29

matt_kimball_and_roger_wolffmtrMatch0.30

matt_kimball_and_roger_wolffmtrMatch0.31

matt_kimball_and_roger_wolffmtrMatch0.32

matt_kimball_and_roger_wolffmtrMatch0.33

matt_kimball_and_roger_wolffmtrMatch0.34

matt_kimball_and_roger_wolffmtrMatch0.35

matt_kimball_and_roger_wolffmtrMatch0.36

matt_kimball_and_roger_wolffmtrMatch0.37

matt_kimball_and_roger_wolffmtrMatch0.38

matt_kimball_and_roger_wolffmtrMatch0.39

matt_kimball_and_roger_wolffmtrMatch0.40

matt_kimball_and_roger_wolffmtrMatch0.41

matt_kimball_and_roger_wolffmtrMatch0.42

matt_kimball_and_roger_wolffmtrMatch0.43

matt_kimball_and_roger_wolffmtrMatch0.44

matt_kimball_and_roger_wolffmtrMatch0.45

matt_kimball_and_roger_wolffmtrMatch0.46

matt_kimball_and_roger_wolffmtrMatch0.47

matt_kimball_and_roger_wolffmtrMatch0.48

matt_kimball_and_roger_wolffmtrMatch0.49

matt_kimball_and_roger_wolffmtrMatch0.50

matt_kimball_and_roger_wolffmtrMatch0.51

matt_kimball_and_roger_wolffmtrMatch0.52

matt_kimball_and_roger_wolffmtrMatch0.53

matt_kimball_and_roger_wolffmtrMatch0.54

matt_kimball_and_roger_wolffmtrMatch0.55

matt_kimball_and_roger_wolffmtrMatch0.56

matt_kimball_and_roger_wolffmtrMatch0.57

matt_kimball_and_roger_wolffmtrMatch0.58

matt_kimball_and_roger_wolffmtrMatch0.59

matt_kimball_and_roger_wolffmtrMatch0.60

matt_kimball_and_roger_wolffmtrMatch0.61

matt_kimball_and_roger_wolffmtrMatch0.62

matt_kimball_and_roger_wolffmtrMatch0.63

matt_kimball_and_roger_wolffmtrMatch0.64

matt_kimball_and_roger_wolffmtrMatch0.65

matt_kimball_and_roger_wolffmtrMatch0.66

matt_kimball_and_roger_wolffmtrMatch0.67

matt_kimball_and_roger_wolffmtrMatch0.68

matt_kimball_and_roger_wolffmtrMatch0.69

matt_kimball_and_roger_wolffmtrMatch0.70

matt_kimball_and_roger_wolffmtrMatch0.71

CPENameOperatorVersion
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtrle0.72
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.21
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.22
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.23
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.24
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.25
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.26
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.27
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.28
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.29

CPE	Name	Operator	Version
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	le	0.72
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.21
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.22
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.23
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.24
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.25
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.26
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.27
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.28
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.29