CVE-2002-0497
published 2002-08-12CVE-2002-0497: Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
PriorityP410low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.50%
39.1th percentile
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mtr | mtr | — | — |
CVSS provenance
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
vendor_redhat2.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9gh7-fmr6-5f54: Buffer overflow in mtr 0
ghsa_unreviewed·2022-04-30
CVE-2002-0497 [LOW] GHSA-9gh7-fmr6-5f54: Buffer overflow in mtr 0
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
Red Hat
CVE-2002-0497: Buffer overflow in mtr 0
vendor_redhat·CVSS 2.1
CVE-2002-0497 [LOW] CVE-2002-0497: Buffer overflow in mtr 0
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
No detection rules found.
No public exploits indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-03/0048.htmlhttp://www.debian.org/security/2002/dsa-124http://www.iss.net/security_center/static/8367.phphttp://www.securityfocus.com/bid/4217http://archives.neohapsis.com/archives/bugtraq/2002-03/0048.htmlhttp://www.debian.org/security/2002/dsa-124http://www.iss.net/security_center/static/8367.phphttp://www.securityfocus.com/bid/4217
2002-08-12
Published