Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Network Audio System 多个缓冲区溢出漏洞
Vulnerability Description
Network Audio System(NAS)是一套采用客户机/服务器结构的网络音频传输系统。该系统支持音频传输、音频处理、音频存储等。 NAS 1.9.3版本中存在基于栈的缓冲区溢出漏洞和基于堆的缓冲区溢出漏洞。本地攻击者可通过(1)向server/os/utils.c文件中的ProcessCommandLine函数传递‘display command’参数(2)server/os/access.c文件中的ResetHosts函数(3)server/os/connection.c文件中的open_u
CVSS Information
N/A
Vulnerability Type
N/A