The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user (monitor role) to gain privileged (root) code execution on the switch via command injection.
원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12785
원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12785
댓글 0
| 번호 | 제목 | 글쓴이 | 날짜 | 조회 수 |
|---|---|---|---|---|
| 107 | CVE-2017-0056 | 관리자 | 2017.03.18 | 198 |
| 106 | CVE-2017-0055 | 관리자 | 2017.03.18 | 166 |
| 105 | CVE-2017-0057 | 관리자 | 2017.03.18 | 185 |
| 104 | CVE-2017-0052 | 관리자 | 2017.03.18 | 89 |
| 103 | CVE-2017-0051 | 관리자 | 2017.03.18 | 167 |
| 102 | CVE-2017-0053 | 관리자 | 2017.03.18 | 148 |
| 101 | CVE-2017-0074 | 관리자 | 2017.03.18 | 177 |
| 100 | CVE-2017-0075 | 관리자 | 2017.03.18 | 146 |
| 99 | CVE-2017-0050 | 관리자 | 2017.03.18 | 209 |
| 98 | CVE-2017-0043 | 관리자 | 2017.03.18 | 146 |
| 97 | CVE-2017-0042 | 관리자 | 2017.03.18 | 134 |
| 96 | CVE-2017-0045 | 관리자 | 2017.03.18 | 134 |
| 95 | CVE-2017-0035 | 관리자 | 2017.03.18 | 225 |
| 94 | CVE-2017-0039 | 관리자 | 2017.03.18 | 105 |
| 93 | CVE-2017-0040 | 관리자 | 2017.03.18 | 174 |