Node. js dns-sync Arbitrary Command Execution Vulnerability
Release date:
Updated on:
Affected Systems:
Nodejs dns-sync <0.1.1
Nodejs dns-sync
Description:
Bugtraq id: 71054
Node. js is a platform built on the Chrome JavaScript runtime environment for building network applications.
An arbitrary command execution vulnerability exists in the implementation of dns-sync versions earlier than 0.1.1. Attackers can exploit this vulnerability to execute arbitrary commands in the context of the affected application.
<* Source: Steve Kemp (skx@debian.org)
*>
Suggestion:
Vendor patch:
Nodejs
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://nodejs.org/
Install and configure the Node. js development environment in javasru 12.04
Getting started with Node. Js [PDF + related Code]
Node. js Development Guide hd pdf Chinese version + source code
Node. js getting started Development Guide
Install and configure Node. js
Compile and install Node. js in Ubuntu
Node. js details: click here
Node. js: click here
This article permanently updates the link address: