Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PADL Software nss_ldap DNS查询应答拒绝服务攻击漏洞
Vulnerability Description
nss_ldap模块用于与LDAP服务器通信,可以查询和处理主机用户,用户组等信息的程序。 nss_ldap模块错误验证被截断的DNS查询应答,远程攻击者可以利用这个漏洞进行拒绝服务攻击。 nss_ldap没有正确检查由DNS查询返回而且被截断的应答数据,当处理截断的查询应答时可导致nss_ldap读取合法内存以外的地址,这将使nss_ldap崩溃,产生拒绝服务。看起来不能利用来执行任意指令,不过没有得到证实。
CVSS Information
N/A
Vulnerability Type
N/A