Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2008-2357

Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the ns_name_ntop function in resolv/ns_name.c in glibc and the proper fix should be in glibc; if so, then this should not be treated as a vulnerability in mtr.

  • Published: May 21, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-2357
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
matt_kimball_and_roger_wolff / mtr 0.35 0.35.x
matt_kimball_and_roger_wolff / mtr 0.25 0.25.x
matt_kimball_and_roger_wolff / mtr 0.69 0.69.x
matt_kimball_and_roger_wolff / mtr 0.37 0.37.x
matt_kimball_and_roger_wolff / mtr 0.49 0.49.x
matt_kimball_and_roger_wolff / mtr 0.59 0.59.x
matt_kimball_and_roger_wolff / mtr 0.34 0.34.x
matt_kimball_and_roger_wolff / mtr 0.60 0.60.x
matt_kimball_and_roger_wolff / mtr 0.52 0.52.x
matt_kimball_and_roger_wolff / mtr 0.58 0.58.x
matt_kimball_and_roger_wolff / mtr 0.39 0.39.x
matt_kimball_and_roger_wolff / mtr 0.42 0.42.x
matt_kimball_and_roger_wolff / mtr 0.22 0.22.x
matt_kimball_and_roger_wolff / mtr 0.70 0.70.x
matt_kimball_and_roger_wolff / mtr 0.32 0.32.x
matt_kimball_and_roger_wolff / mtr 0.24 0.24.x
matt_kimball_and_roger_wolff / mtr 0.46 0.46.x
matt_kimball_and_roger_wolff / mtr 0.71 0.71.x
matt_kimball_and_roger_wolff / mtr 0.45 0.45.x
matt_kimball_and_roger_wolff / mtr 0.65 0.65.x
matt_kimball_and_roger_wolff / mtr 0.28 0.28.x
matt_kimball_and_roger_wolff / mtr 0.31 0.31.x
matt_kimball_and_roger_wolff / mtr 0.51 0.51.x
matt_kimball_and_roger_wolff / mtr 0.38 0.38.x
matt_kimball_and_roger_wolff / mtr 0.68 0.68.x
matt_kimball_and_roger_wolff / mtr 0.66 0.66.x
matt_kimball_and_roger_wolff / mtr 0.43 0.43.x
matt_kimball_and_roger_wolff / mtr 0.29 0.29.x
matt_kimball_and_roger_wolff / mtr 0.47 0.47.x
matt_kimball_and_roger_wolff / mtr 0.55 0.55.x
matt_kimball_and_roger_wolff / mtr 0.50 0.50.x
matt_kimball_and_roger_wolff / mtr 0.57 0.57.x
matt_kimball_and_roger_wolff / mtr 0.40 0.40.x
matt_kimball_and_roger_wolff / mtr 0.23 0.23.x
matt_kimball_and_roger_wolff / mtr 0.62 0.62.x
matt_kimball_and_roger_wolff / mtr 0.61 0.61.x
matt_kimball_and_roger_wolff / mtr 0.36 0.36.x
matt_kimball_and_roger_wolff / mtr 0.63 0.63.x
matt_kimball_and_roger_wolff / mtr 0.64 0.64.x
matt_kimball_and_roger_wolff / mtr 0.21 0.21.x
matt_kimball_and_roger_wolff / mtr 0.26 0.26.x
matt_kimball_and_roger_wolff / mtr 0.44 0.44.x
matt_kimball_and_roger_wolff / mtr 0.67 0.67.x
matt_kimball_and_roger_wolff / mtr 0.53 0.53.x
matt_kimball_and_roger_wolff / mtr - 0.72.x
matt_kimball_and_roger_wolff / mtr 0.30 0.30.x
matt_kimball_and_roger_wolff / mtr 0.33 0.33.x
matt_kimball_and_roger_wolff / mtr 0.56 0.56.x
matt_kimball_and_roger_wolff / mtr 0.27 0.27.x
matt_kimball_and_roger_wolff / mtr 0.54 0.54.x
matt_kimball_and_roger_wolff / mtr 0.48 0.48.x
matt_kimball_and_roger_wolff / mtr 0.41 0.41.x