Vulnerability Description BusyBox provides an arp applet which is missing an array bounds check for command-line parameter IFNAME. It is therefore vulnerable to a command-line based local stack buffer overwrite effectively allowing local users to write past a 16 bytes fixed stack buffer. This leads to two scenarios, one (A) where an IOCTL for GET_HW_ADDRESS … Continue reading SSD Advisory – BusyBox (local) cmdline stack buffer overwrite →
from SSD Advisory – BusyBox (local) cmdline stack buffer overwrite
No comments:
Post a Comment