Lucene search
K

70 matches found

Mageia
Mageia
added 2020/01/05 3:37 p.m.33 views

Updated shadowsocks-libev packages fix security vulnerabilities

Updated shadowsocks-libev packages fix security vulnerabilities: Exploitable denial-of-service vulnerability exists in the UDPRelay functionality CVE-2019-5163. Code execution vulnerability in the ss-manager binary CVE-2019-5164...

7.8CVSS2.6AI score0.02289EPSS
Exploits2References2
NVD
NVD
added 2019/12/18 3:15 p.m.18 views

CVE-2019-5152

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An...

7.4CVSS7AI score0.01379EPSS
Exploits1References1
OSV
OSV
added 2019/12/18 3:15 p.m.15 views

CVE-2019-5152

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An...

7.4CVSS6.3AI score
Exploits0References1
OSV
OSV
added 2019/12/18 3:15 p.m.2 views

DEBIAN-CVE-2019-5152

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An...

7.4CVSS7.5AI score0.01379EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2019/12/18 3:15 p.m.20 views

CVE-2019-5152

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An...

7.4CVSS7.2AI score0.01379EPSS
Exploits1References4
OSV
OSV
added 2019/12/18 3:15 p.m.2 views

UBUNTU-CVE-2019-5152

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An...

7.4CVSS7.2AI score0.01379EPSS
Exploits1References5
CVE
CVE
added 2019/12/18 2:31 p.m.59 views

CVE-2019-5152

CVE-2019-5152 affects Shadowsocks-libev 3.3.2. In the network packet handling path, when a Stream Cipher is used, a specially crafted set of packets can trigger an outbound connection from the server, resulting in information disclosure. The issue is described across multiple sources in this set,...

7.4CVSS7AI score0.01379EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/12/18 2:31 p.m.19 views

CVE-2019-5152

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An...

7.4CVSS7AI score0.01379EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/12/12 12:0 a.m.37 views

openSUSE Security Update : shadowsocks-libev (openSUSE-2019-2667)

This update for shadowsocks-libev fixes the following issues : - Update version to 3.3.3 - Refine the handling of suspicious connections. - Fix exploitable denial-of-service vulnerability exists in the UDPRelay functionality boo1158251, CVE-2019-5163 - Fix code execution vulnerability in the...

7.8CVSS7.3AI score0.02289EPSS
Exploits2References4
OSV
OSV
added 2019/12/11 9:13 a.m.6 views

OPENSUSE-SU-2019:2667-1 Security update for shadowsocks-libev

This update for shadowsocks-libev fixes the following issues: - Update version to 3.3.3 Refine the handling of suspicious connections. Fix exploitable denial-of-service vulnerability exists in the UDPRelay functionality boo1158251, CVE-2019-5163 Fix code execution vulnerability in the ss-manager...

7.8CVSS7.7AI score0.02289EPSS
Exploits2References5
OPENSUSE Linux
OPENSUSE Linux
added 2019/12/11 12:0 a.m.67 views

Security update for shadowsocks-libev (moderate)

openSUSE Security Update: Security update for shadowsocks-libev Announcement ID: openSUSE-SU-2019:2667-1 Rating: moderate References: 1158251 1158365 Cross-References: CVE-2019-5163 CVE-2019-5164 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available...

7.8CVSS7.3AI score0.02289EPSS
Exploits2References2
CNVD
CNVD
added 2019/12/05 12:0 a.m.3 views

Shadowsocks-libev Access Control Error Vulnerability

Shadowsocks-libev is a lightweight secure SOCKS5 agent for embedded devices. An Access Control Error vulnerability exists in the UDPRelay feature in Shadowsocks-libev version 3.3.2. The vulnerability stems from a network system or product not properly restricting access to resources from...

7.5CVSS7.6AI score0.02289EPSS
Exploits1References1
NVD
NVD
added 2019/12/03 10:15 p.m.16 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.6AI score0.02289EPSS
Exploits1References3
OSV
OSV
added 2019/12/03 10:15 p.m.2 views

DEBIAN-CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.6AI score0.00734EPSS
Exploits1References1
OSV
OSV
added 2019/12/03 10:15 p.m.21 views

CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.3AI score
Exploits0References3
NVD
NVD
added 2019/12/03 10:15 p.m.17 views

CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.8AI score0.00734EPSS
Exploits1References3
OSV
OSV
added 2019/12/03 10:15 p.m.2 views

DEBIAN-CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.8AI score0.02289EPSS
Exploits1References1
OSV
OSV
added 2019/12/03 10:15 p.m.17 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.9AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/12/03 10:15 p.m.21 views

CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.6AI score0.00734EPSS
Exploits1References3
Prion
Prion
added 2019/12/03 10:15 p.m.18 views

Remote code execution

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

4.6CVSS7.8AI score0.00734EPSS
Exploits1References3Affected Software3
Rows per page
Query Builder