Debian Security Advisory
mtr -- possible local exploit in mtr
- Date Reported:
- 09 Mar 2000
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2000-0172.
- More information:
- The version of mtr as distributed in Debian GNU/Linux 2.1
(aka slink) did not drop root privileges correctly. While there are no known
exploits it is conceivable that a weakness in gtk or ncurses could be used to
exploit this. This has been fixed in version 0.28-1, and we recommend that you
upgrade your mtr package.
- Fixed in: