Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MiniFtp parseconf_load_setting Buffer Overflow via Configuration
Vulnerability Description
MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can craft a miniftpd.conf file with values exceeding 128 bytes to overflow stack buffers and overwrite the return address, enabling code execution with root privileges.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
MiniFtp 缓冲区错误漏洞
Vulnerability Description
MiniFtp是Arvin个人开发者的一个轻量级FTP服务器软件。 MiniFtp存在缓冲区错误漏洞,该漏洞源于parseconf_load_setting函数存在缓冲区溢出,可能导致本地攻击者通过提供超大的配置值执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A