Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
traceroute project traceroute vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-21268
The traceroute (aka node-traceroute) package up to and including 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed...
Traceroute Project Traceroute
7
CVSSv3
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-server
Debian Debian Linux 7.0
1 Github repository
NA
CVE-2002-1386
Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.
Ehud Gavron Tracesroute 6.0
Ehud Gavron Tracesroute 6.1
Ehud Gavron Tracesroute 6.1.1
NA
CVE-2002-1387
The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes (number of probes) argument.
Ehud Gavron Tracesroute 6.1.1
Ehud Gavron Tracesroute 6.0
Ehud Gavron Tracesroute 6.1
NA
CVE-2002-1364
Buffer overflow in the get_origin function in traceroute-nanog allows malicious users to execute arbitrary code via long WHOIS responses.
Ehud Gavron Tracesroute 6.0
Ehud Gavron Tracesroute 6.1.1
1 EDB exploit
NA
CVE-2002-1051
Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.
Ehud Gavron Tracesroute 6.1
Ehud Gavron Tracesroute 6.1.1
Ehud Gavron Tracesroute 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started