Описание
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-6947
- https://www.exploit-db.com/exploits/44167
- https://www.exploit-db.com/exploits/44168
- https://www.fidusinfosec.com/nomachine-road-code-execution-without-fuzzing-cve-2018-6947
- https://www.nomachine.com/SU02P00194
- https://www.nomachine.com/SU02P00195
- https://www.nomachine.com/TR02P08408
Связанные уязвимости
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.
Уязвимость компонента nxfuse библиотеки DokanFS системы удаленного доступа к рабочему столу NoMachine позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии