← voltar
CVE-2003-0671

CVE-2003-0671

EPSS 0.5%
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://www.atstake.com/research/advisories/2003/a080703-1.txthttp://www.atstake.com/research/advisories/2003/a080703-2.txt