# CVE-2020-3119 Cisco CDP协议栈溢出漏洞分析

Cisco Discovery Protocol(CDP)协议是用来发现局域网中的Cisco设备的链路层协议。

# CVE-2020-3119 Cisco CDP Stack Overflow Analysis

Cisco Discovery Protocol (CDP) is a proprietary Data Link Layer protocol developed by Cisco Systems.

# PhpStudy 后门分析

phpstudy后门的事情是这几天安全圈最热的话题了，今天同事给我了份样本让我进行分析，所以暂时放下了最近研究的东西，写了本篇文章。

# Overview

Last Week, Linux fixes 4 kernel CVE vulnerabilities[1]. Among them, CVE-2019-11477 makes me feel like a very powerful Dos vulnerability. However, because there are other things interrupted, my research progress is slower. For now, there have been some related analysis article in the Internet.[2][3]

In the process of trying to reproduce the CVE-2019-11477 vulnerability. In the first step, I encountered a problem in setting the MSS. I could not achieve the expected results. However, the current published analysis article did not elaborate on this part. So this article will analyze the MSS mechanism of TCP through the Linux kernel source code.