Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
NetHack command line -w option parsing is subject to a buffer overflow
Vulnerability Description
In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
NetHack 缓冲区错误漏洞
Vulnerability Description
NetHack是一款角色扮演类单人游戏。 NetHack 3.6.5之前版本中的-w命令行选项存在缓冲区错误漏洞。远程攻击者可借助特制请利用该漏洞导致拒绝服务或提升权限。
CVSS Information
N/A
Vulnerability Type
N/A