traceroute@0.0.2 vulnerabilities

Wrapper around native traceroute command

Direct Vulnerabilities

Known vulnerabilities in the traceroute package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Shell Command Injection

traceroute is an npm package used for listing references in a remote git repository.

Affected versions of this package are vulnerable to Arbitrary Command Injection due to the insecure use of exec. An attacker can add a newline %0a after the host addr, and inject malicious shell commands to disrupt server operation or obtain sensitive information.

PoC by Dor Dali

traceroute = require('traceroute');

host = '127.0.0.1\ntouch /tmp/malicious';

traceroute.trace(host, function (err,hops) {
    // the file /tmp/malicious was created
    console.log(hops);
});

How to fix Shell Command Injection?

There currently is no fixed version for traceroute. A fix is on the master branch but was not published to npm.

<=1.0.0