Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ethereal SOCKS解析器格式串溢出漏洞
Vulnerability Description
Ethereal是一款免费开放源代码的网络协议分析程序,可使用在Unix和Windows操作系统下。 Ethereal中的SOCKS解析器在处理畸形SOCKS包时存在漏洞,远程攻击者利用这个漏洞进行缓冲区溢出攻击,可能以Ethereal进程权限在系统上执行任意指令。 问题发生在"packet-socks.c"中的910行中: ----- proto_tree_add_text( tree, tvb, offset, linelen, format_text(data, linelen)); ------
CVSS Information
N/A
Vulnerability Type
N/A