漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics when faced with data not encoded in DER. Because Fort is an RPKI Relying Party, a panic can lead to Route Origin Validation unavailability, which can lead to compromised routing.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FORT Validator 安全漏洞
Vulnerability Description
FORT Validator是NICMx开源的一个 RPKI 依赖方和 RTR 服务器。 FORT Validator 1.6.3之前版本存在安全漏洞,该漏洞源于路由来源验证不可用。
CVSS Information
N/A
Vulnerability Type
N/A