Back to search
CVE-2004-0172
Published: Feb 23, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Heap-based buffer overflow in the search_for_command function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a setuid program, so this candidate might be REJECTed.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20031008 ltrace bug
mailing-list
x_refsource_FULLDISC
1007896
vdb-entry
x_refsource_SECTRACK
8790
vdb-entry
x_refsource_BID
ltrace-searchforcommand-bo(13389)
vdb-entry
x_refsource_XF
20031008 ltrace bug
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now