|
1 | 1 | [basic] |
2 | | -description = "Linux syslogd 在处理大量网络连接时存在拒绝服务漏洞。远程攻击者可向 syslogd 服务发送大量连接请求,导致服务资源耗尽而崩溃,无法正常记录系统日志。受影响的系统包括 Caldera OpenLinux 和 Red Hat Linux 等发行版。" |
3 | | -published = "1999-11-18T00:00:00Z" |
4 | | -remediation = "升级 Caldera OpenLinux 或 Red Hat Linux 到包含 syslogd 补丁的最新版本。限制对 syslogd 服务端口(514/UDP)的网络访问,通过防火墙规则仅允许可信来源的连接请求,避免暴露服务到不可信网络。" |
5 | | -score = 5.0 |
6 | | -severity = "MEDIUM" |
7 | | -sources = ["redhat"] |
8 | | -title = "Linux syslogd 远程拒绝服务漏洞" |
9 | | -updated = "2026-06-16T00:00:00Z" |
| 2 | +description = "SGI IRIX 5.3/6.2 系统中 ordist 命令存在缓冲区溢出漏洞,攻击者可通过向 -d 选项提供特制的超长参数触发溢出,从而获取 root 权限。该漏洞影响所有 SGI IRIX 5.x 和 6.x 系列系统,本地用户可利用此漏洞实现权限提升。" |
| 3 | +published = "1997-07-16" |
| 4 | +remediation = "升级 SGI IRIX 系统至最新安全补丁版本,或限制 ordist 命令的本地用户访问权限。" |
| 5 | +score = 8.4 |
| 6 | +severity = "HIGH" |
| 7 | +sources = [ |
| 8 | + "exploitdb", |
| 9 | + "nvd", |
| 10 | +] |
| 11 | +title = "SGI IRIX ordist 缓冲区溢出本地权限提升漏洞" |
| 12 | +updated = "2024-08-01" |
10 | 13 |
|
11 | 14 | [exploit] |
12 | | -exp_urls = [] |
13 | | -poc_urls = [] |
| 15 | +exp_urls = ["https://www.exploit-db.com/exploits/19317"] |
| 16 | +poc_urls = ["https://www.exploit-db.com/exploits/19317"] |
14 | 17 |
|
15 | 18 | [id] |
16 | | -aliases = ["CVE-1999-0831"] |
| 19 | +aliases = ["CVE-1999-0029"] |
17 | 20 | ave_id = "AVE-1999-0215" |
18 | | -cve_id = "CVE-1999-0831" |
| 21 | +cve_id = "CVE-1999-0029" |
19 | 22 |
|
20 | 23 | [meta] |
21 | 24 | collected_at = "2026-07-11T00:00:00Z" |
22 | 25 | status = "completed" |
23 | 26 |
|
24 | 27 | [references] |
25 | 28 | urls = [ |
26 | | - "https://nvd.nist.gov/vuln/detail/CVE-1999-0831", |
27 | | - "https://access.redhat.com/security/cve/CVE-1999-0831", |
28 | | - "http://www.securityfocus.com/bid/809", |
| 29 | + "https://nvd.nist.gov/vuln/detail/CVE-1999-0029", |
| 30 | + "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0029", |
| 31 | + "https://www.exploit-db.com/exploits/19317", |
29 | 32 | ] |
0 commit comments