CVE-2004-1224

Published Jan 10, 2005

Last updated 7 years ago

CVSS info 4.6

Overview

Description: Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.55:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D50C209-08AF-4963-AC90-3F1B7F08850D"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.56:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71AB80F7-BDC5-429C-B5B2-115A42E60ACB"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.57:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4320720D-49CC-43C4-8A51-5F6F4426114B"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.58:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8920C4F0-A775-451E-8C50-1AC333C6FCE6"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.59:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3ED801FC-7836-4481-95D5-759A70000870"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B709A2B-EBD1-4AE1-A8F2-2EFEC7EE9A0A"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A0E6884-0608-4A8B-8043-D792C30BE52D"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.62:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "735480C0-9330-420F-86A8-515EB96748A1"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.63:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "635E5D80-E25C-44CE-9108-E06EA1141AED"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.64:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "110007D5-A1CA-4045-BA98-A8D082CD3FEB"
          },
          {
            "criteria": "cpe:2.3:a:mtr:mtr:0.65:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F25D3F1-846E-4FE8-B778-8A44C150BFDC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References