Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU C Library 安全漏洞
Vulnerability Description
GNU C Library(glibc,libc6)是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library(又名glibc或者libc6)至2.11.3版本,以及2.12.x至2.12.2版本中的regcomp实现中存在安全漏洞。上下文攻击者可以借助包含相邻的重复操作符的正则表达式(绕过了预设的RE_DUP_MAX限制)导致拒绝服务(应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A