| Titel | D-Link DIR-825 C1_FW3.00b32 C1_FW3.00b32 Buffer Overflow |
|---|
| Beschreibung | A stack-based buffer overflow exists in the `nmbd` NetBIOS Name Service daemon of D-Link DIR-825. The daemon processes NetBIOS name queries on UDP port 137 and copies attacker-controlled packet data into a fixed-size stack buffer without validating the length, leading to an out-of-bounds write.
Because this service is typically reachable from the local network without authentication, an attacker on the LAN can crash the service and may be able to achieve arbitrary code execution depending on the runtime environment and mitigations (stack canaries, ASLR, NX, compiler options, etc.). |
|---|
| Quelle | ⚠️ https://tzh00203.notion.site/D-Link-DIR-825-nmbd-NetBIOS-Name-Service-Stack-Based-Buffer-Overflow-337b5c52018a80cea1e8d56689928114 |
|---|
| Benutzer | tian (UID 93438) |
|---|
| Einreichung | 07.04.2026 13:05 (vor 21 Tagen) |
|---|
| Moderieren | 26.04.2026 09:38 (19 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 359643 [D-Link DIR-825 3.00b32 nmbd sserver.c NMBD_process Pufferüberlauf] |
|---|
| Punkte | 17 |
|---|