VYPR
Vendor

Mtr

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2000-0172Mar 3, 2000
    risk 0.03cvss epss 0.01

    The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.

  • CVE-2008-2357May 21, 2008
    risk 0.00cvss epss 0.05

    Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the…

  • CVE-2004-1224Jan 10, 2005
    risk 0.00cvss epss 0.00

    Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.

  • CVE-2002-0497Aug 12, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.