Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NetBSD 操作系统命令注入漏洞
Vulnerability Description
NetBSD是NetBSD基金会开发的一套免费开源的类Unix操作系统。 NetBSD中使用的tnftp的usr.bin/ftp/fetch.c文件中的‘fetch_url’函数中存在安全漏洞。远程攻击者可通过在HTTP重定向的末尾添加‘|’字符利用该漏洞执行任意命令。以下版本受到影响:NetBSD 5.1版本至5.1.4版本,5.2版本至5.2.2版本,6.0版本至6.0.6版本,6.1版本至6.1.5版本。
CVSS Information
N/A
Vulnerability Type
N/A