漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache Guacamole: Improper input validation of console codes
Vulnerability Description
The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.6.0, which fixes this issue.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
对数组索引的验证不恰当
Vulnerability Title
Apache Guacamole 输入验证错误漏洞
Vulnerability Description
Apache Guacamole是美国阿帕奇(Apache)基金会的一款无客户端的远程桌面网关。该产品支持VNC、RDP和SSH等协议。 Apache Guacamole 1.5.5及之前版本存在输入验证错误漏洞,该漏洞源于未正确验证基于文本协议接收的控制台代码,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A