漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4983.
漏洞信息
N/A
漏洞
堆缓冲区溢出
漏洞
Joyent SmartOS 缓冲区错误漏洞
漏洞信息
Joyent SmartOS是美国Joyent公司的一套开源的操作系统。 Joyent SmartOS release-20170803-20170803T064301Z版本中的SMBIOC_TREE_RELE ioctl存在安全漏洞,该漏洞源于程序没有正确的检测用户提交的数据,导致复制数据的大小超过基于堆的固定长度的缓冲区。本地攻击者可利用该漏洞提升权限,执行代码。
漏洞信息
N/A
漏洞
N/A