Vulnerabilities

CVE-2003-0671

by Fred · 14/08/2003

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.

Date published : 2003-08-14

http://www.atstake.com/research/advisories/2003/a080703-1.txt

http://www.atstake.com/research/advisories/2003/a080703-2.txt

Similar

Tags: Cybersecurity Alert

CVE-2003-0671

Similar

Recent Posts

Categories

CVE-2003-0671

Share this:

Similar

Recent Posts

Categories

Tags