Off-by-one vulnerability in mtr_curses_keyaction function allows local users to hijack raw sockets

Off-by-one vulnerability in mtr_curses_keyaction function allows local users to hijack raw sockets

CVE-2004-1224 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.

Learn more about our Cis Benchmark Audit For Bind.