Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

traceroute project traceroute vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2018-21268
The traceroute (aka node-traceroute) package up to and including 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed...
Traceroute Project Traceroute
7
CVSSv3
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-serverDebian Debian Linux 7.0
NA
CVE-2002-1386
Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.
Ehud Gavron Tracesroute 6.0Ehud Gavron Tracesroute 6.1Ehud Gavron Tracesroute 6.1.1
NA
CVE-2002-1387
The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes (number of probes) argument.
Ehud Gavron Tracesroute 6.1.1Ehud Gavron Tracesroute 6.0Ehud Gavron Tracesroute 6.1
NA
CVE-2002-1364
Buffer overflow in the get_origin function in traceroute-nanog allows malicious users to execute arbitrary code via long WHOIS responses.
Ehud Gavron Tracesroute 6.0Ehud Gavron Tracesroute 6.1.1
NA
CVE-2002-1051
Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.
Ehud Gavron Tracesroute 6.1Ehud Gavron Tracesroute 6.1.1Ehud Gavron Tracesroute 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073CVE-2024-5496CVE-2024-5495XPath injectionbypassCVE-2024-30043CVE-2024-24919denial of serviceCVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook