PT-2022-22872 · Unknown · Triplecross
Firmianayo
·
Published
2022-08-03
·
Updated
2022-08-10
·
CVE-2022-35505
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
TripleCross version 0.1.0
Description
A segmentation fault occurs when sending a control command from the client to the server. This issue arises because there is no limit to the length of the output of the executed command.
Recommendations
For TripleCross version 0.1.0, consider implementing a limit to the length of the output of the executed command to prevent the segmentation fault. As a temporary workaround, restrict the use of control commands from the client to the server until a proper fix is applied.
Exploit
Fix
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Triplecross