Back to CVE Browser

CVE-2002-1386

MEDIUM

4.6

CVSS Severity Score

EPSS Score0.1320%

EPSS Percentile29.27th

PublishedJan 2, 2003

Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.

Affected Platforms (CPE)

📦

Ehud Gavron

Tracesroute

= 6.0

📦

Ehud Gavron

Tracesroute

= 6.1

📦

Ehud Gavron

Tracesroute

= 6.1.1

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=103849968732634&w=2

🔗 http://www.debian.org/security/2003/dsa-254

🔗 http://www.iss.net/security_center/static/10608.php

🔗 http://www.securityfocus.com/bid/6274

🔗 http://marc.info/?l=bugtraq&m=103849968732634&w=2

🔗 http://www.debian.org/security/2003/dsa-254

🔗 http://www.iss.net/security_center/static/10608.php

🔗 http://www.securityfocus.com/bid/6274

Related Vulnerabilities

CVE-2002-10514.6

Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T...

CVE-2002-074710.0

Buffer overflow in lsmcode in AIX 4.3.3.

CVE-2002-135910.0

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause ...

CVE-2002-136910.0

jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing...