GNU Info 4.7 Follow XRef Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10882/info GNU Info is reported prone to a buffer overrun vulnerability. The vulnerability is reported to present itself due to a lack of boundary checks performed on argument data for the f follow xref Info command. An...

RoarSmithinfo2www远程执行任意命令漏洞

BugCVE: CVE-1999-0266 BUGTRAQ: 1995 “info2www”是一个将GNU Info文本转化成HTML文件的CGI程序。 某些早期版本的info2www脚本实现上存在输入验证漏洞，远程攻击者可以利用此漏洞以Web进程的权限在主机上 执行任意系统命令。 问题在于程序脚本没有过滤用户输入中包含的一些shell元字符，远程攻击者可能以Web守护程序的权限（root或nobody）在主机上执行任意程序。 1.0-1.1 临时解决方法： 如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁：...

GNU Info 4.7 - Follow XRef Buffer Overrun

source: https://www.securityfocus.com/bid/10882/info GNU Info is reported prone to a buffer overrun vulnerability. The vulnerability is reported to present itself due to a lack of boundary checks performed on argument data for the f follow xref Info command. An attacker may exploit this...

GNU Info 4.7 - Follow XRef Buffer Overrun

GNU Info 4.7 - Follow XRef Buffer Overrun source: https://www.securityfocus.com/bid/10882/info GNU Info is reported prone to a buffer overrun vulnerability. The vulnerability is reported to present itself due to a lack of boundary checks performed on argument data for the f follow xref Info...