Michael C. Toren: Security Vulnerabilities
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
CVSS Score
7.2
EPSS Score
0.0
Published
2003-08-07