CVE-2003-0489
Summary
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
- LOW
- LOCAL
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published