CVE-2026-25740

captive browser, a dedicated Chrome instance to log into captive portals without messing with DNS settings. In 25.05 and earlier, when programs.captive-browser is enabled, any user of the system can run arbitrary commands with the CAPNETRAW capability binding to privileged ports, spoofing localho...

CVE-1999-0451

Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port...

EUVD-1999-1140

Malware in sbrugna...

CVE-2007-6741

The ftpPORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from the FTP client, which might allow remote authenticated users to conduct FTP bounce attacks via...

SUSE CVE-2010-2242

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree...

Server-Side Request Forgery (SSRF)

vrana/adminer is vulnerable to server-side request forgery SSRF. An attacker is able to connect to privileged ports and submit requests on behalf of the server...

vrana/adminer vulnerable to SSRF by connecting to privileged ports

Impact All users are affected. Patches Unsuccessfully patched by 0fae40fb, included in version 4.4.0. Patched by 35bfaa75, included in version 4.7.8. Workarounds Protect access to Adminer also by other means, e.g. by HTTP password, IP address limiting or by OTP plugin. References...

GHSA-43F8-P5W3-5M25 vrana/adminer vulnerable to SSRF by connecting to privileged ports

Impact All users are affected. Patches Unsuccessfully patched by 0fae40fb, included in version 4.4.0. Patched by 35bfaa75, included in version 4.7.8. Workarounds Protect access to Adminer also by other means, e.g. by HTTP password, IP address limiting or by OTP plugin. References...

Debian Security Advisory DSA 2770-1 (torque - authentication bypass)

John Fitzpatrick of MWR InfoSecurity discovered an authentication bypass vulnerability in torque, a PBS-derived batch processing queueing system. The torque authentication model revolves around the use of privileged ports. If a request is not made from a privileged port then it is assumed not to ...

SuSE 11.1 Security Update : libvirt (SAT Patch Number 2957)

libvirt did not properly handle configured disk formats which potentially allowed users to read arbitrary files. CVE-2010-2237 / CVE-2010-2238 / CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host. CVE-2010-2242 In addition, fixes...

PYSEC-2010-25

The ftpPORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from the FTP client, which might allow remote authenticated users to conduct FTP bounce attacks via...

openSUSE Security Update : libvirt (openSUSE-SU-2010:0620-1)

libvirt did not properly handle configured disk formats which potenially allowed users to read arbitrary files CVE-2010-2237, CVE-2010-2238, CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C...

libvirt: improperly mapped source privileged ports may allow for obtaining privileged resources on the host

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree...

Solaris SPARC / x86 Local Socket Hijack Exploit

No description provided by source. / $ An open security advisory 7 - SUN Solaris SOREUSEADDR Local Socket Hijack Bug 1: Bug Researcher: c0ntex - c0ntexbatgmail.com 2: Bug Released: July 06 2005 3: Bug Impact Rate: Medium / Hi 4: Bug Scope Rate: Local / Remote ...

Solaris Socket Hijack

/ $ An open security advisory 7 - SUN Solaris SOREUSEADDR Local Socket Hijack Bug 1: Bug Researcher: c0ntex - c0ntexbatgmail.com 2: Bug Released: July 06 2005 3: Bug Impact Rate: Medium / Hi 4: Bug Scope Rate: Local / Remote $ This advisory and/or proof of concept code must not be used for...

CVE-1999-1159

SSH 2.0.11 and earlier permits local users to request remote forwarding to privileged ports without root privileges. Root-cause: weakness in SSH 2.0.x remote forwarding handling enabling non-privileged users to bind privileged ports. Impact: potential unauthorized access paths via port forwarding...

CVE-1999-1159

SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root...

DoS и подключение к привелегированным портам в E-Serv (ftp bounce)

Не закрывается порт открытый при комманде PASV, не проверяется IP и номер порта в команде PORT...

CVE-1999-0451

Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port...