Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Group Logic ExtremeZ-IP File/Print Servers ExtremeZ-IP.exe 拒绝服务攻击漏洞
Vulnerability Description
ExtremeZ-IP File and Print Server 5.1.2x15以及之前的版本中的ExtremeZ-IP.exe不验证一个特定的"number of URLs"字段是否与信息包的长度一致,这使得远程攻击者可以借助该字段中的一个大的整数值引起拒绝服务攻击(后台程序崩溃)。该字段存在于发送给UPD 427端口上的Service Location Protocol (SLP) service的信息包中。它会导致超范围读取(out-of-bounds read)。
CVSS Information
N/A
Vulnerability Type
N/A