Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in sthttpd through 2.27.1. On systems where the strcpy function is implemented with memcpy, the de_dotdot function may cause a Denial-of-Service (daemon crash) due to overlapping memory ranges being passed to memcpy. This can triggered with an HTTP GET request for a crafted filename. NOTE: this is similar to CVE-2017-10671, but occurs in a different part of the de_dotdot function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
sthttpd 缓冲区错误漏洞
Vulnerability Description
sthttpd是ACME实验室的一款轻量级的开源Web服务器。 sthttpd through 2.27.1 存在安全漏洞,该漏洞源于传递给memcpy的内存范围重叠,导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A