Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ISS漏洞扫描器远程缓冲区溢出漏洞
Vulnerability Description
ISS Scanner是一款ISS公司开发和维护商业性质的漏洞扫描程序。 ISS扫描器在执行HTTP banner检查时对返回信息缺少正确处理,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以用户进程的权限在系统上执行任意指令。 由于ISS扫描器在执行HTTP banner检查时没有正确检查WEB服务返回的数据长度,攻击者可以在被扫描的WEB服务器上设置返回超长的HTTP结果代码,当ISS进行如WEB banner扫描的时候,返回的信息可以导致ISS产生缓冲区溢出,精心构建返回的数据可能以用户进程的权
CVSS Information
N/A
Vulnerability Type
N/A