Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow
Vulnerability Description
Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual server configuration to trigger a buffer overflow that corrupts the SEH chain and enables potential code execution.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
Xlight FTP Server 缓冲区错误漏洞
Vulnerability Description
Xlight FTP Server是Xlight开源的一个FTP服务器软件。 Xlight FTP Server 3.9.1版本存在缓冲区错误漏洞,该漏洞源于结构化异常处理程序覆盖漏洞,可能导致本地攻击者使应用程序崩溃并覆盖SEH指针。
CVSS Information
N/A
Vulnerability Type
N/A