Netatalk缓冲区溢出漏洞(CVE-2018-1160)

2 years ago

source link: https://827607240.github.io/2020/11/02/Netatalk_CVE-2018-1160/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Netatalk缓冲区溢出漏洞（CVE-2018-1160）

Netatalk是一款用于在Linux平台上提供Appletalk网络协议服务的服务器。

漏洞影响范围

Netatalk 3.1.12之前版本中的dsi_opensess.c文件存在越界写入漏洞，该漏洞源于程序对攻击者控制的数据缺少边界检查。远程攻击者可利用该漏洞执行任意代码。

验证脚本https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160

python pea.py -i 192.168.88.252 -lv

https://beta.4hou.com/vulnerable/15376.html

Recommend

Netatalk缓冲区溢出漏洞(CVE-2018-1160)

Netatalk缓冲区溢出漏洞（CVE-2018-1160）

漏洞影响范围

Recommend

深入理解计算机系统CacheLab-PartB实验报告

Redis数据结构及常用命令

BTCD源码分析之database存储

搭建Docker私有仓库

[Golang] Insert Line or String to File

[Golang] Union of Two Arrays

[Golang] XML Parsing Example (1)

LET IT COME, LET IT GO - Ajahn Jayanto

BIP34(Block v2, Height in Coinbase)

灵活、高效、可维护的移动 Web 解决方案

About Joyk