CVSS: 4.6EPSS: 0%CPEs: 11EXPL: 0CVE-2004-1224
https://notcve.org/view.php?id=CVE-2004-1224
Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator. • http://marc.info/?l=bugtraq&m=110279034910663&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18428 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1CVE-2002-0497
https://notcve.org/view.php?id=CVE-2002-0497
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable. • http://archives.neohapsis.com/archives/bugtraq/2002-03/0048.html http://www.debian.org/security/2002/dsa-124 http://www.iss.net/security_center/static/8367.php http://www.securityfocus.com/bid/4217 •