CVE-2024-52949

Опубликовано: 16 дек. 2024

Источник: debian

EPSS Низкий

Описание

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
iptraf-ng	unfixed			package

Примечания

https://github.com/iptraf-ng/iptraf-ng/commit/2b623e991115358a57275af8a53feb5ae707b3ae (v1.2.2)
Negligible security impact

EPSS

Процентиль: 12%

0.00042

Низкий

Связанные уязвимости

CVE-2024-52949

CVSS3: 9.8

ubuntu

8 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 6.6

redhat

8 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 9.8

nvd

8 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 9.8

msrc

7 месяцев назад

Описание отсутствует

GHSA-94mp-gc2x-rqm6

CVSS3: 9.8

github

8 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow.

EPSS

Процентиль: 12%

0.00042

Низкий