Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AOLServer Developer API Ns_PdLog()远程格式化串漏洞
Vulnerability Description
AOLServer是一款免费开放源代码的HTTP服务程序,由AOL公司和开放源代码开发团体合作开发。提供如TCL解析,动态内容处理等功能。 AOLServer提供的外部数据库驱动Proxy守护程序API存在格式化串漏洞,可能导致远程攻击者以AOLServer的进程权限执行在系统上执行任意指令。 其中API中的Ns_PdLog()传递外部数据到syslog()函数,攻击者可以使用一个包含格式串的恶意字符串作为参数提供给Ns_PdLog()函数,这个字符串将被作为格式串传递给syslog()函数,可能导致攻击
CVSS Information
N/A
Vulnerability Type
N/A