← volver
CVE-2003-0671

CVE-2003-0671

EPSS 0.5%
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://www.atstake.com/research/advisories/2003/a080703-1.txthttp://www.atstake.com/research/advisories/2003/a080703-2.txt