Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home/../tmp/* string).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cantata cantata-mounter D-Bus服务器安全漏洞
Vulnerability Description
Cantata是一款用于音乐播放器守护进程(MPD)中的可视化客户端。cantata-mounter D-Bus service是其中的一个总线服务。 Cantata 2.3.1及之前版本中的cantata-mounter D-Bus服务器存在安全漏洞,该漏洞源于mount.cifs.wrapper(wrapper脚本)使用shell将参数转发到实际的mount.cifs二进制文件。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
CVSS Information
N/A
Vulnerability Type
N/A