CVE-2004-1224

EPSS 0.07%

Published: 1/10/2005Modified: 4/28/2026

Description

Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator.

Affected packages (1)

Debian/mtrfrom 0, < 0.67-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-1224