Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1051

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2002-1051
Last Modified 10 Sep 2008 03:13:48
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1051

Summary

Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.

Vulnerable Systems

Application

  • Ehud Gavron Tracesroute 6.0

  • Ehud Gavron Tracesroute 6.1

  • Ehud Gavron Tracesroute 6.1.1


References

BID - 4956

XF - tracesroute-t-format-string(9291)

SUSE - SuSE-SA:2000:041

BUGTRAQ - 20020724 Re: Nanog traceroute format string exploit.

BUGTRAQ - 20020721 Nanog traceroute format string exploit.

BUGTRAQ - 20020723 Re: Nanog traceroute format string exploit.

BUGTRAQ - 20020606 Format String bug in TrACESroute 6.0 GOLD


Last Updated: 27 May 2016 10:37:10