mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-12 02:04:49 +00:00
519 lines
20 KiB
JSON
519 lines
20 KiB
JSON
{
|
|
"id": "CVE-2008-2357",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2008-05-21T13:24:00.000",
|
|
"lastModified": "2024-11-21T00:46:41.977",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the ns_name_ntop function in resolv/ns_name.c in glibc and the proper fix should be in glibc; if so, then this should not be treated as a vulnerability in mtr."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de B\u00fafer basado en pila de la funci\u00f3n spot_redraw en split.c de mtr versiones anteriores a la 0.73, cuando se realiza una llamada a la funci\u00f3n con la opci\u00f3n \u2013p (tambi\u00e9n conocida como --split), permite a atacantes remotos ejecutar c\u00f3digo arbitrariamente a trav\u00e9s de registros DNS PTR manipulados. NOTA: es discutible que esta es una vulnerabilidad de la funci\u00f3n _name_ntop en resolv/ns_name.c de glibc cuyo parche correspondiente estar\u00eda en glibc; si as\u00ed fuera, entonces esto no deber\u00eda tratarse como una vulnerabilidad de mtr."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
|
"baseScore": 6.8,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": true,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "0.72",
|
|
"matchCriteriaId": "03F4DF3D-5E0D-4D68-B462-30308E5E13A1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.21:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F7853B18-8111-4D6E-9A80-AB7AAB1D66AC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.22:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8E9ED651-D6AC-4948-9F02-D5E20F00F0B6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.23:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4D1F6687-B716-4858-BE73-026BE69A0BFA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.24:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F1FA88B7-0254-463D-8F53-06E3D0F94019"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.25:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8B06FCDB-68D7-4A90-9B9D-E68C1988AE65"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.26:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "71958EE1-4E50-4D48-A44A-9BBDBC51BCFA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.27:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "20EA1E63-4547-4341-8823-2150F1BDA9C2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.28:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "374B0A57-7231-403F-B339-1F0E8051E62E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.29:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "42F67AEF-6500-4C93-94AA-996AAB9D7A85"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.30:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8024A2B3-3F77-4090-91F7-F3D1F36C07B4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.31:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0171C37E-345A-4934-92FB-7527AAF0F737"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.32:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2645AD6F-4219-42A1-AF41-D3DF3E00EC3D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.33:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ECBB8635-988E-4C10-B48D-F01DD480D2EA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.34:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C505F066-86C8-433D-BCEE-FBCC420F6B45"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.35:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "12E9959F-11DD-4AA2-960A-505486E313A1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.36:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "102D8451-F90A-4DCF-BD67-D80EECBF6204"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.37:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "04EE1273-A619-4101-8998-5B93B89D0E04"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.38:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0AF1F3A1-6078-413A-BCE1-6586AE39D0BE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.39:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EFE66E77-0054-44C5-93F8-F156C02F32C6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.40:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "15895BE3-0E68-4BDD-9F91-E5CD0F889AAF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.41:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CED7EB1A-43A1-40C8-BA1C-AE826986E89A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.42:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FC8D031C-EF4D-4909-AFB2-B388B463234D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.43:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B3CCD558-3EB8-4541-8854-CFFE1BCE4A61"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.44:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "246C99CD-B83C-4918-8283-840CE0930ED6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.45:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8F65329B-2CA9-483E-BD78-EF0EFEF6FBE0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.46:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "167DDB18-E0FF-4FE0-9070-CBEEF4D00AF6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.47:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6585D8B7-3BD9-4577-878D-5140C6EAD16D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.48:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5F2B7CF7-11D0-42EC-908E-3AD686F918BF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.49:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE6AFE6B-BAE2-43A0-A969-08A0D19CA3C3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.50:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D9E93793-1883-4562-90AC-F054FC71F7E0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.51:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A1624E70-8A0F-423A-8205-7C27260C9278"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.52:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7E7AEC9D-210E-45D5-92E9-76502A4088F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.53:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "378C925D-E6B2-4569-825F-1F02A1C53E17"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.54:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BFBDD8C1-A741-479F-A521-B5E990C83C93"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.55:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A36351D6-635F-470C-B32A-AC0D81E4F6A5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.56:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "11C682D2-8708-449C-A195-72D609B55462"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.57:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7EA9A3EE-3CC8-4154-AC61-DC92B2213C6C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.58:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "44DFA818-A31A-4D1F-8583-3BF9A8DBDE5D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.59:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D99B8176-7A2D-4DF6-B9EF-9F6A681BCE66"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.60:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EE1F33CC-1F45-439A-B082-639A1E4F8EC9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.61:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "88E62548-9BC1-48B4-A6DC-CAF5E5802298"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.62:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F3D7D899-02F5-4D56-875D-56252BA6228B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.63:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F5322BE5-43B4-48DA-826A-C82F78F4DE07"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.64:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "34BAFF2F-A106-47A6-8C9D-A5E0AB0F9320"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.65:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6AA9702E-52A5-4AC3-B30B-CACEED6456F6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.66:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BFADC518-86EB-45EB-A65A-5065CF2984BE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.67:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FD3AA825-EC60-4B24-92B8-E5CB47460E94"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.68:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9FE1CCC-214B-421D-8A10-039BDDFB36CF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.69:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D480960D-56DF-4CD9-B088-54F5AD2EC3BA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.70:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D5570E29-C4CE-4161-A91B-98D3CE63BA40"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:matt_kimball_and_roger_wolff:mtr:0.71:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2CBB23A6-F7D8-482E-9411-BF152F68CBFF"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "ftp://ftp.bitwizard.nl/mtr/mtr-0.73.diff",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/fulldisclosure/2008/May/0488.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30312",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30340",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30359",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30522",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30967",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-200806-01.xml",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/3903",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0175",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2008/dsa-1587",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:176",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/1",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/3",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/4",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/492260/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/29290",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1020046",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42535",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://issues.rpath.com/browse/RPL-2558",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "ftp://ftp.bitwizard.nl/mtr/mtr-0.73.diff",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/fulldisclosure/2008/May/0488.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30312",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30340",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30359",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30522",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/30967",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-200806-01.xml",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/3903",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0175",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2008/dsa-1587",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:176",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/1",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/3",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2008/05/21/4",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/492260/100/0/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/29290",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1020046",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42535",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://issues.rpath.com/browse/RPL-2558",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
],
|
|
"vendorComments": [
|
|
{
|
|
"organization": "Red Hat",
|
|
"comment": "This issue does not affect the versions of mtr as shipped with Red Hat Enterprise Linux 4 or 5.\n\nFor Red Hat Enterprise Linux 2.1 and 3, this issue can only be exploited if an attacker can convince victim to use mtr to trace path to or via the IP, for which an attacker controls PTR DNS records. Additionally, the victim must run mtr in "split mode" by providing -p or --split\ncommand line options. The Red Hat Security Response Team has therefore rated this issue as having low security impact, a future update may address this flaw.",
|
|
"lastModified": "2008-06-25T00:00:00"
|
|
}
|
|
]
|
|
} |