Описание
Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mtr:mtr:0.55:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.56:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.57:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.58:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.59:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.60:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.61:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.62:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.63:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.64:*:*:*:*:*:*:*
cpe:2.3:a:mtr:mtr:0.65:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00059
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 20 лет назад
Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 thr ...
github
больше 3 лет назад
Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.
EPSS
Процентиль: 19%
0.00059
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other