Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Axessh 4.2 Local Stack-based Buffer Overflow via Log File Name
Vulnerability Description
Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
LabF Axessh 缓冲区错误漏洞
Vulnerability Description
LabF Axessh是LabF公司的一款安全终端客户端软件。 LabF Axessh 4.2版本存在缓冲区错误漏洞,该漏洞源于日志文件名字段存在基于栈的缓冲区溢出,可能导致本地攻击者通过提供超长文件名执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A