Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a Buffer Overflow because of a lack of packet-size validation. The affected component is bacserv BACnet/IP BVLC forwarded NPDU. The function bvlc_bdt_forward_npdu() calls bvlc_encode_forwarded_npdu() which copies the content from the request into a local in the bvlc_bdt_forward_npdu() stack frame and clobbers the canary. The attack vector is: A BACnet/IP device with BBMD enabled based on this library connected to IP network. The fixed version is: 0.8.6.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BACnet Protocol Stack 缓冲区错误漏洞
Vulnerability Description
BACnet Protocol Stack是一个适用于多种平台的,用于提供BACnet应用层、网络层和媒体访问(MAC)层通信服务的库。 BACnet Protocol Stack 0.8.5版本中的bvlc.c文件的BACnet/IP BVLC数据包处理存在缓冲区错误漏洞,该漏洞源于程序没有校验数据包的大小。攻击者可利用该漏洞执行代码或造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A