CVE-2003-0671 in tcpflowinfo

Zusammenfassung

von MITRE

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

07.08.2003

Veröffentlichung

27.08.2003

Moderieren

akzeptiert

Eintrag

VDB-237

CPE

bereit

CWE

CWE-134 (bestätigt)

Exploit

Download

CVSS

6.3 (VulDB)

EPSS

0.00536

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0671
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0671
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0671/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!