CVE-2008-2357

Priority
Description
Stack-based buffer overflow in the split_redraw function in split.c in mtr
before 0.73, when invoked with the -p (aka --split) option, allows remote
attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it
could be argued that this is a vulnerability in the ns_name_ntop function
in resolv/ns_name.c in glibc and the proper fix should be in glibc; if so,
then this should not be treated as a vulnerability in mtr.
Notes
Package
Source: mtr (LP Ubuntu Debian)
Upstream:released (0.73)
More Information

Updated: 2020-03-18 21:58:16 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)