Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Axessh 4.2 Denial of Service via Log File Name
Vulnerability Description
Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to crash the application by supplying an excessively long string in the log file name field. Attackers can enable session logging, paste a buffer of 500 or more characters into the log file name parameter, and trigger a crash when establishing a telnet connection.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
CWE-1282
Vulnerability Title
LabF Axessh 安全漏洞
Vulnerability Description
LabF Axessh是LabF公司的一款安全终端客户端软件。 Labf Axessh 4.2版本存在安全漏洞,该漏洞源于日志配置存在拒绝服务漏洞,可能导致本地攻击者通过在日志文件名字段提供超长字符串使应用程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A