Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the ns_name_ntop function.....
7.7AI Score
0.128EPSS
Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL...
6.7AI Score
0.0004EPSS
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment...
6.7AI Score
0.0004EPSS
The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root...
7.4AI Score
0.0004EPSS