MTR : Security Vulnerabilities, CVEs,
Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-01-10
Updated
2017-07-11
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-08-12
Updated
2008-09-05
2 vulnerabilities found