CVE-2003-0671

Publication date

2003-08-14 04:00:00

Family

mitre

State

PUBLISHED

Description

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.