CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-1051

MEDIUM
4.6
CVSS Severity Score
EPSS Score0.1670%
EPSS Percentile5.86th
Published2002年10月4日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.

Affected Platforms (CPE)

📦
Ehud Gavron

Tracesroute

= 6.0
📦
Ehud Gavron

Tracesroute

= 6.1
📦
Ehud Gavron

Tracesroute

= 6.1.1

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-06/0040.html
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-07/0254.html
🔗 http://marc.info/?l=bugtraq&m=102737546927749&w=2
🔗 http://marc.info/?l=bugtraq&m=102753136231920&w=2
🔗 http://www.iss.net/security_center/static/9291.php
🔗 http://www.novell.com/linux/security/advisories/2000_041_traceroute_txt.html
🔗 http://www.securityfocus.com/bid/4956
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-06/0040.html

関連する脆弱性情報

CVE-2002-136910.0

jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing...

CVE-2002-000510.0

Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary...

CVE-2002-135910.0

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause ...

CVE-2002-000710.0

CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a re...