Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Out of Bounds Slice index in cfnts leads to remote panic
Vulnerability Description
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packet contents.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
cfnts 缓冲区错误漏洞
Vulnerability Description
Cloudflare cfnts是Cloudflare公司的用 Rust 编写的 NTS 协议的实现。 cfnts 783490b之前版本存在安全漏洞,该漏洞源于NTP 服务器中未经检查的读取使远程攻击者能够通过发送扩展长度长于数据包内容的 NTSAuthenticator 数据包来触发恐慌。
CVSS Information
N/A
Vulnerability Type
N/A