CVE-2003-0671 in tcpflowinformazioni

Riassunto

di MITRE

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

07/08/2003

Divulgazione

27/08/2003

Moderazione

accettato

Voce

VDB-237

CPE

pronto

CWE

CWE-134 (confermato)

Sfruttamento

Scaricare

CVSS

6.3 (VulDB)

EPSS

0.00536

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0671
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0671
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0671/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to know what is going to be exploited?

We predict KEV entries!