漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Out-of-bound read in mtr
Vulnerability Description
mtr is vulnerable to Out-of-bound read vulnerability in ipinfo_lookup() function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME field. ipinfo_lookup() function uses the length of the response as the end-of-message boundary for dn_expand() function. The result is a reliable crash. This issue exists in the mtr through version 0.96 and it was fixed in commit 48e1794414d338ce47abc0f27c25ade8788af9c3.
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
BitWizard BV mtr 缓冲区错误漏洞
Vulnerability Description
BitWizard BV mtr是BitWizard BV团队的一款网络诊断与连通性分析工具。 BitWizard BV mtr 0.96及之前版本存在缓冲区错误漏洞,该漏洞源于ipinfo_lookup()函数存在越界读取漏洞,攻击者通过返回大于512字节且包含特制压缩指针的DNS响应,利用响应长度作为dn_expand()函数消息结束边界,可能导致可靠崩溃。
CVSS Information
N/A
Vulnerability Type
N/A