Red Hat Bugzilla – Bug 15917
Maksimum packetlength checked badly (Local DoS)
Last modified: 2008-05-01 11:37:57 EDT
If you give packet length with (second) command line parameter, the
traceroute checks the maximum size of packet before assigning the given
value to variable. So you can get traceroute to allocate huge block of
memory, and becouse traceroute is suid program ulimits of users don't
affect. => Normal user can use all of the memory and makes the machine
Patchfile and fixed source- and binary-rpm-file is available at
This happens in RHL 7.0 beta too. It drops the privileges earlier though.
Fixed (by adding patch) in traceroute-1.4a5-24. Thanks for the patch.