> The mtr developers have been contacted on the address supplied with > the code, but no reply has been received. > > The remedy to this problem is very simple: the call to seteuid() > should be replaced with a call to setuid(). Apply the following > diff to mtr.c > in the mtr distribution. >From /usr/doc/mtr/changelog.Debian.gz: mtr (0.28-1) stable; urgency=high * Security fix for theoretical stack-smash-and-fork attack - s/seteuid/setuid/ in mtr.c
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:38:55 PDT