Описание
iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.
A security issue was found in iptraf-ng. An attacker may be able to trigger a buffer overflow condition via a specially-crafted payload. This can lead to memory corruption and, in some cases, privilege escalation or arbitrary code execution.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | iptraf-ng | Not affected | ||
| Red Hat Enterprise Linux 7 | iptraf-ng | Out of support scope | ||
| Red Hat Enterprise Linux 8 | iptraf-ng | Out of support scope | ||
| Red Hat Enterprise Linux 9 | iptraf-ng | Fixed | RHSA-2025:7064 | 13.05.2025 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.6 Medium
CVSS3
Связанные уязвимости
iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.
iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.
iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.
iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, th ...
EPSS
6.6 Medium
CVSS3