Privilege Escalation via Incomplete Privilege Drop in tcptraceroute 1.4 and Earlier
CVE-2003-0489 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
Learn more about our User Device Pen Test.