Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ethereal多个解析器单字节缓冲区溢出漏洞
Vulnerability Description
Ethereal是一款免费开放源代码的网络协议分析程序,可使用在Unix和Windows操作系统下。 Ethereal包含的多个解析器以不安全方式使用tvb_get_nstringz()和tvb_get_nstringz0()函数,远程攻击者可以利用这个漏洞对Ethereal进行单字节缓冲区溢出,可能以root用户权限在系统上执行任意指令。 在ATMGIOP Gryphon、OSPF、PPTP、Quake、Quake2、Quake3、Rsync、SMB、SMPP和TSP解析器处理中存在单字节缓冲区溢出,攻
CVSS Information
N/A
Vulnerability Type
N/A