Lucene search
K

111 matches found

Tenable Nessus
Tenable Nessus
added 2019/12/12 12:0 a.m.37 views

openSUSE Security Update : shadowsocks-libev (openSUSE-2019-2667)

This update for shadowsocks-libev fixes the following issues : - Update version to 3.3.3 - Refine the handling of suspicious connections. - Fix exploitable denial-of-service vulnerability exists in the UDPRelay functionality boo1158251, CVE-2019-5163 - Fix code execution vulnerability in the...

7.8CVSS7.3AI score0.02289EPSS
Exploits2References4
OSV
OSV
added 2019/12/11 9:13 a.m.6 views

OPENSUSE-SU-2019:2667-1 Security update for shadowsocks-libev

This update for shadowsocks-libev fixes the following issues: - Update version to 3.3.3 Refine the handling of suspicious connections. Fix exploitable denial-of-service vulnerability exists in the UDPRelay functionality boo1158251, CVE-2019-5163 Fix code execution vulnerability in the ss-manager...

7.8CVSS7.7AI score0.02289EPSS
Exploits2References5
OPENSUSE Linux
OPENSUSE Linux
added 2019/12/11 12:0 a.m.67 views

Security update for shadowsocks-libev (moderate)

openSUSE Security Update: Security update for shadowsocks-libev Announcement ID: openSUSE-SU-2019:2667-1 Rating: moderate References: 1158251 1158365 Cross-References: CVE-2019-5163 CVE-2019-5164 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available...

7.8CVSS7.3AI score0.02289EPSS
Exploits2References2
CNVD
CNVD
added 2019/12/05 12:0 a.m.3 views

Shadowsocks-libev Access Control Error Vulnerability

Shadowsocks-libev is a lightweight secure SOCKS5 agent for embedded devices. An Access Control Error vulnerability exists in the UDPRelay feature in Shadowsocks-libev version 3.3.2. The vulnerability stems from a network system or product not properly restricting access to resources from...

7.5CVSS7.6AI score0.02289EPSS
Exploits1References1
OSV
OSV
added 2019/12/03 10:15 p.m.18 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.9AI score
Exploits0References3
NVD
NVD
added 2019/12/03 10:15 p.m.17 views

CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.8AI score0.00734EPSS
Exploits1References3
OSV
OSV
added 2019/12/03 10:15 p.m.2 views

DEBIAN-CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.8AI score0.02289EPSS
Exploits1References1
OSV
OSV
added 2019/12/03 10:15 p.m.22 views

CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.3AI score
Exploits0References3
NVD
NVD
added 2019/12/03 10:15 p.m.20 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.6AI score0.02289EPSS
Exploits1References3
OSV
OSV
added 2019/12/03 10:15 p.m.2 views

DEBIAN-CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.6AI score0.00734EPSS
Exploits1References1
OSV
OSV
added 2019/12/03 10:15 p.m.2 views

UBUNTU-CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.7AI score0.02289EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2019/12/03 10:15 p.m.27 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.9AI score0.02289EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2019/12/03 10:15 p.m.21 views

CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.6AI score0.00734EPSS
Exploits1References3
Prion
Prion
added 2019/12/03 10:15 p.m.18 views

Remote code execution

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

4.6CVSS7.8AI score0.00734EPSS
Exploits1References3Affected Software3
OSV
OSV
added 2019/12/03 10:15 p.m.1 views

UBUNTU-CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.6AI score0.00734EPSS
Exploits1References4
CVE
CVE
added 2019/12/03 9:56 p.m.179 views

CVE-2019-5164

CVE-2019-5164 affects shadowsocks-libev, specifically the ss-manager binary (version 3.3.2). A vulnerability in processing specially crafted network packets can lead to arbitrary code execution and privilege escalation on the host. The issue is tied to the ss-manager component and has been addres...

7.8CVSS7.6AI score0.00734EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/12/03 9:56 p.m.22 views

CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

7.8CVSS7.7AI score0.00734EPSS
Exploits1References3
CVE
CVE
added 2019/12/03 9:55 p.m.187 views

CVE-2019-5163

CVE-2019-5163 affects Shadowsocks-libev 3.3.2’s UDPRelay when using a Stream Cipher and a local_address; sending arbitrary UDP packets can trigger a FATAL error path and exit, constituting a denial-of-service. The issue is mitigated by upgrading to Shadowsocks-libev 3.3.3, as referenced by severa...

7.5CVSS7.3AI score0.02289EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/12/03 9:55 p.m.29 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

5.9CVSS7.4AI score0.02289EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2019/12/03 9:55 p.m.19 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.5AI score0.02289EPSS
Exploits1
Rows per page
Query Builder