Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers to execute arbitrary code via (1) a long filename that is not properly handled by the fsp_readdir_native function when MAXNAMLEN is greater than 255, or (2) a long d_name directory (dirent) field in the fsp_readdir function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FSPLIB fsp_readdir_native函数多个栈缓冲溢出漏洞
Vulnerability Description
FSP(文件服务协议)是用于传输文件的轻型基于UDP的协议。 FSP库的fsp_readdir_native函数存在多个基于堆栈的缓冲区溢出漏洞。 FSP库的fsp_readdir_native函数没有正确地处理文件名,如果所定义的MAXNAMLEN大于256的话,就可能触发栈溢出;FSP库的fsp_readdir函数没有正确处理目录项,如果没有为目录项的d_name字段分配充分的大小的话也可能触发栈溢出。 如果用户使用捆绑有FSP库的应用程序传输了恶意文件的话,就可能触发这些溢出,导致执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A