INFSA-2025:7064: iptraf-ng security update
Information about definition
Identificator: INFSA-2025:7064
Type: security
Release date: 2025-06-10 08:57:11 UTC
Information about package
IPTraf-ng is a console-based network monitoring utility which includes an IP traffic monitor, a TCP and UDP service monitor, and a LAN statistics module. It supports Ethernet, FDDI, ISDN, SLIP, PPP, and loopback interfaces as well as the built-in raw socket interface of the Linux kernel.
Vulnerabilities description
- CVE-2024-52949
iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-52949
|
no information | 6.6 | no information |
Updated packages