CVE-2024-52949

Опубликовано: 16 дек. 2024

Источник: debian

Описание

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
iptraf-ng	unfixed			package

Примечания

https://github.com/iptraf-ng/iptraf-ng/commit/2b623e991115358a57275af8a53feb5ae707b3ae (v1.2.2)
Negligible security impact

Связанные уязвимости

CVE-2024-52949

CVSS3: 7.5

ubuntu

11 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 6.6

redhat

11 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 7.5

nvd

11 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 9.8

msrc

10 месяцев назад

Описание отсутствует

GHSA-94mp-gc2x-rqm6

CVSS3: 9.8

github

11 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow.