VULHUB ™

MTR is a freely available, open source program for tracerouting and pinging remote hosts. It is freely available, and open source. A buffer overflow exists in MTR. The problem is due to insufficient bounds checking on operations using the MTR_OPTIONS environment variable. This overflow could lead to the corruption of stack variables and could result in the execution of attacker-supplied code. This program is setuid root, and may therefore make it possible for an attacker to elevate privileges if exploited successfully.

MTR is a freely available, open source program for tracerouting and pinging remote hosts. It is freely available, and open source. A buffer overflow exists in MTR. The problem is due to insufficient bounds checking on operations using the MTR_OPTIONS environment variable. This overflow could lead to the corruption of stack variables and could result in the execution of attacker-supplied code. This program is setuid root, and may therefore make it possible for an attacker to elevate privileges if exploited successfully.