Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NetBSD IPv4多播工具缓冲区溢出漏洞
Vulnerability Description
NetBSD是一款开放源代码的操作系统。 NetBSD多个IPv4多播程序在执行FD_SET()函数时缺少正确边界检查,攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以root用户权限在系统上执行任意指令。 IPv4多播相关工具如mrinfo(1)和mtrace(1), 以及PPPD都是以suid root权限安装,这些工具使用了select(2),select(2)使用fd_set描述字符集,这个描述字符集支持FD_SETSIZE (256)个文件描述符,这些工具当执行FD_SET()操作的时候没有很好
CVSS Information
N/A
Vulnerability Type
N/A