CVE-2004-1224
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/01/2005
Last modified:
11/07/2017
Description
Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:mtr:mtr:0.55:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.56:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.57:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.58:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.59:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.60:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.61:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.62:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.63:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.64:*:*:*:*:*:*:* | ||
cpe:2.3:a:mtr:mtr:0.65:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page