PT-2003-1015 · Nanog · Traceroute-Nanog

Bazarr

Published: 2003-06-24 · Updated: 2016-10-18 · CVE-2003-0453

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

traceroute-nanog version 6.1.1

Description

The issue allows local users to potentially execute arbitrary code via certain arguments that cause an integer overflow, leading to a buffer overflow. The overflow is reached through the nprobes and max ttl arguments. Additionally, there are multiple vulnerabilities in the traceroute-nanog package that can compromise the confidentiality, integrity, and availability of protected information, and these can be exploited remotely.

Recommendations

For traceroute-nanog version 6.1.1, consider restricting the use of the nprobes and max ttl arguments to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using these arguments in sensitive operations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
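The bug class named in the description, and the argument restriction the recommendation asks for, shown as an added example. This is not traceroute-nanog's source, which this page does not show. It assumes a table sized from the product of the two arguments; `probe_rec`, the function names and the limit of 64 probes are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-probe record; the real program's layout is not on the page. */
struct probe_rec { uint32_t seq; uint32_t ttl; double rtt_ms; };

/* Unchecked sizing: the product is computed in 32-bit unsigned arithmetic and
   wraps, so the result can be far smaller than nprobes * max_ttl records. */
static uint32_t table_bytes_unchecked(uint32_t nprobes, uint32_t max_ttl)
{
    return nprobes * max_ttl * (uint32_t)sizeof(struct probe_rec);
}

#define MAX_NPROBES 64u   /* assumed policy limit, not taken from the page */
#define MAX_TTL     255u  /* largest value the 8-bit IP TTL field can hold */

/* Checked sizing: reject zero or out-of-range arguments before multiplying.
   Returns 0 and stores the byte count in *out, or -1 if the input is refused. */
static int table_bytes_checked(unsigned long nprobes, unsigned long max_ttl,
                               size_t *out)
{
    if (nprobes == 0 || nprobes > MAX_NPROBES) return -1;
    if (max_ttl == 0 || max_ttl > MAX_TTL) return -1;
    size_t count = (size_t)nprobes * (size_t)max_ttl; /* at most 64 * 255 */
    if (count > SIZE_MAX / sizeof(struct probe_rec)) return -1;
    *out = count * sizeof(struct probe_rec);
    return 0;
}

int main(void)
{
    size_t n = 0;
    /* Constructed inputs: 65536 * 65536 wraps to 0 in 32 bits. */
    printf("unchecked(65536, 65536): %u bytes\n",
           (unsigned)table_bytes_unchecked(65536u, 65536u));
    printf("checked(65536, 65536): %d\n",
           table_bytes_checked(65536ul, 65536ul, &n));
    if (table_bytes_checked(3ul, 30ul, &n) == 0)
        printf("checked(3, 30): %zu bytes\n", n);
    return 0;
}
```

A buffer allocated from the unchecked size and then filled with one record per probe per hop is the integer-overflow-to-buffer-overflow pattern; the checked variant refuses the arguments before any allocation happens.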

Related Identifiers

BDU:2015-02022
CVE-2003-0453
DSA-348

Affected Products

Traceroute-Nanog