Given a specific set of command line arguments, Layer Four Traceroute (lft) will produce a segmentation fault leading to a possible privilege escalation vulnerability.
pWhois Layer Four Traceroute 3.x contains a vulnerability when parsing command line arguments. Earlier versions of Layer Four Traceroute may also be vulnerable. Some distributions that package Layer Four Traceroute are not vulnerable because they do not install the 'lft' binary SETUID root.
If Layer Four Traceroute is installed SETUID root, a local attacker may be able to exploit the vulnerability for privilege escalation.
Apply an Update
Upgrade to Layer Four Traceroute 3.3 or later.
Thanks to Markus Gothe for reporting this vulnerability.
This document was written by Jared Allar.
|Date First Published:||2011-04-04|
|Date Last Updated:||2011-04-04 14:16 UTC|