Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.
CVSS Information
N/A
Vulnerability Type
释放并不在堆上的内存
Vulnerability Title
Busybox 安全漏洞
Vulnerability Description
BusyBox是乌克兰Denis Vlasenko个人开发者的一套包含了多个linux命令和工具的应用程序。 Busybox hush applet 存在安全漏洞,该漏洞源于在Busybox的hush applet中shell错误地处理&&&字符串。攻击者可利用该漏洞导致拒绝服务和可能的代码执行。
CVSS Information
N/A
Vulnerability Type
N/A