Lucene search
+L

115 matches found

nvd
nvd
added 2008/05/21 1:24 p.m.9 views

CVE-2008-2357

Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...

6.8CVSS7.7AI score0.04705EPSS
Exploits1References21
osv
osv
added 2008/05/21 1:24 p.m.6 views

CVE-2008-2357

Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...

7.7AI score
Exploits0References21
osv
osv
added 2008/05/21 1:24 p.m.2 views

DEBIAN-CVE-2008-2357

Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...

6.8CVSS7.8AI score0.04705EPSS
Exploits1References1
cvelist
cvelist
added 2008/05/21 10:0 a.m.25 views

CVE-2008-2357

Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...

7.6AI score0.04705EPSS
Exploits1References21
cve
cve
added 2008/05/21 10:0 a.m.69 views

CVE-2008-2357

CVE-2008-2357 affects mtr prior to version 0.73, where a stack-based buffer overflow in split_redraw (split.c) can be triggered by a crafted DNS PTR record when using -p. Several OpenVAS/Nessus entries link this to multiple distributions (e.g., SUSE/OpenSUSE, Gentoo GLSA, Slackware SSA) and refer...

6.8CVSS7.6AI score0.04705EPSS
Exploits1References21Affected Software1
debiancve
debiancve
added 2008/05/21 10:0 a.m.45 views

CVE-2008-2357

Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...

6.8CVSS7.6AI score0.04705EPSS
Exploits1
securityvulns
securityvulns
added 2008/05/20 12:0 a.m.28 views

mtr (multiprotocol traceroute) buffer overflow

Buffer overflow on DNS server response parsing...

5.3AI score
Exploits0References1
openvas
openvas
added 2008/01/17 12:0 a.m.16 views

Debian Security Advisory DSA 124-1 (mtr)

The remote host is missing an update to mtr announced via advisory DSA 124-1. OpenVAS Vulnerability Test $Id: deb1241.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 124-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

2.1CVSS0.1AI score0.00501EPSS
Exploits1
openvas
openvas
added 2008/01/17 12:0 a.m.8 views

Debian Security Advisory DSA 124-1 (mtr)

The remote host is missing an update to mtr announced via advisory DSA 124-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS7.2AI score0.00501EPSS
Exploits1References1
nvd
nvd
added 2005/01/10 5:0 a.m.15 views

CVE-2004-1224

Off-by-one error in the mtrcurseskeyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator...

4.6CVSS6.5AI score0.00333EPSS
Exploits0References2
osv
osv
added 2005/01/10 5:0 a.m.5 views

DEBIAN-CVE-2004-1224

Off-by-one error in the mtrcurseskeyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator...

4.6CVSS6.8AI score0.00333EPSS
Exploits0References1
osv
osv
added 2005/01/10 5:0 a.m.8 views

CVE-2004-1224

Off-by-one error in the mtrcurseskeyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator...

6.8AI score
Exploits0References2
cve
cve
added 2004/12/15 5:0 a.m.53 views

CVE-2004-1224

The CVE-2004-1224 entry concerns an off-by-one in the mtr_curses_keyaction function affecting MTR versions 0.55–0.65. This flaw can allow local attackers to hijack raw sockets via the 's' keybinding, leaving a buffer without a NULL terminator. Affected products are multiple CVE trackers (NVD, OSV...

4.6CVSS6.5AI score0.00333EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2004/12/15 5:0 a.m.21 views

CVE-2004-1224

Off-by-one error in the mtrcurseskeyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator...

4.6CVSS6.4AI score0.00333EPSS
Exploits0
securityvulns
securityvulns
added 2004/12/12 12:0 a.m.39 views

mtr buffer overflow

Off-by-one overflows during keycode handlings...

3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2004/12/12 12:0 a.m.50 views

Local off-by-one in mtr versions 0.55 to 0.65

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Local off-by-one in mtr versions 0.55 to 0.65 - ---------------------------------------------- Przemysіaw Frasunek [email protected] / 11th December 2004 1. Background mtr combines the functionality of the 'traceroute' and 'ping' programs in a...

Exploits0
nessus
nessus
added 2004/09/29 12:0 a.m.29 views

Debian DSA-124-1 : mtr - buffer overflow

The authors of mtr released a new upstream version, noting a non-exploitable buffer overflow in their ChangeLog. Przemyslaw Frasunek, however, found an easy way to exploit this bug, which allows an attacker to gain access to the raw socket, which makes IP spoofing and other malicious network...

2.1CVSS5.6AI score0.00501EPSS
Exploits1References3
cve
cve
added 2003/04/02 5:0 a.m.49 views

CVE-2002-0497

CVE-2002-0497 describes a buffer overflow in mtr versions 0.46 and earlier when installed setuid root, allowing local users to access a raw socket via a long MTR_OPTIONS environment variable. The vulnerability is documented across multiple sources (Red Hat, Debian, NVD, CVE listings) and affects ...

2.1CVSS6.5AI score0.00501EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2003/04/02 5:0 a.m.26 views

CVE-2002-0497

Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTROPTIONS environment variable...

6.4AI score0.00501EPSS
Exploits1References4
nvd
nvd
added 2002/08/12 4:0 a.m.19 views

CVE-2002-0497

Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTROPTIONS environment variable...

2.1CVSS6.4AI score0.00501EPSS
Exploits1References4
Rows per page
Query Builder