Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib before 0.9 allows remote attackers to cause a denial of service via a directory entry whose length is exactly MAXNAMELEN, which prevents a terminating null byte from being added.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FSPLIB fsp_readdir_native函数单字节溢出漏洞
Vulnerability Description
FSP(文件服务协议)是用于传输文件的轻型基于UDP的协议。 FSP库的fsp_readdir_native函数存在单字节溢出漏洞。 FSP库的fsp_readdir_native函数没有正确地处理文件名,如果所定义的MAXNAMLEN大于256的话,就可能触发栈溢出;FSP库的fsp_readdir函数没有正确处理目录项,如果没有为目录项的d_name字段分配充分的大小的话也可能触发栈溢出。 如果用户使用捆绑有FSP库的应用程序传输了恶意文件的话,就可能触发这些溢出,导致执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A