Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in Uptime Client (UpClient) 5.0b7, and possibly other versions, allows local users to gain privileges via a long -p argument.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Upclient本地缓冲区溢出漏洞
Vulnerability Description
Uptime Client是一款跟踪用户启动时间,并能发送给服务器,使用户可以对其他数据进行比较统计。 upclient程序没有正确对命令行参数的边界缓冲区进行检查,本地攻击者可以利用这个漏洞进行缓冲区溢出攻击,可以'kmem'权限在系统上执行任意指令。 本地攻击者可以提交超长字符串作为命令行参数提交给upclient,可触发缓冲区溢出,精心构建提交字符串数据可能以'kmem'权限在系统上执行任意指令。 不过Upclient一般以可选程序安装,默认在FreeBSD中没有安装。
CVSS Information
N/A
Vulnerability Type
N/A