CVE-2024-52949

Опубликовано: 16 дек. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

Ссылки

https://github.com/iptraf-ng/iptraf-ng/releases/tag/v1.2.1
Release Notes
https://www.gruppotim.it/it/footer/red-team.html
Exploit
Third Party Advisory
https://www.gruppotim.it/it/footer/red-team.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iptraf-ng:iptraf-ng:1.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.00134

Низкий

7.5 High

CVSS3

Дефекты

CWE-120

Связанные уязвимости

CVE-2024-52949

CVSS3: 7.5

ubuntu

больше 1 года назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 6.6

redhat

больше 1 года назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 7.5

msrc

больше 1 года назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 7.5

debian

больше 1 года назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, th ...

RLSA-2025:7064

rocky

6 месяцев назад

Moderate: iptraf-ng security update

EPSS

Процентиль: 33%

0.00134

Низкий

7.5 High

CVSS3

Дефекты

CWE-120