Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 124-1 (mtr)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to mtr announced via advisory DSA 124-1.
Insight
Insight
The authors of mtr released a new upstream version, noting a non-exploitable buffer overflow in their ChangeLog. Przemyslaw Frasunek, however, found an easy way to exploit this bug, which allows an attacker to gain access to the raw socket, which makes IP spoofing and other malicious network activity possible. The problem has been fixed by the Debian maintainer in version 0.41-6 for the stable distribution of Debian by backporting the upstream fix and in version 0.48-1 for the testing/unstable distribution. We recommend that you upgrade your mtr package immediately.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20124-1