135 matches found
CVE-2025-6432
When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability was fixed in Firefox 140 and Thunderbird 140...
PT-2025-26729
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 140 Description: The issue occurs when Multi-Account Containers is enabled, allowing DNS requests to bypass a SOCKS proxy under certain conditions, such as when the domain name is invalid or the SOCKS proxy is not...
Astra Linux – Vulnerability in Firefox
When Multi-Account Containers was enabled, DNS requests could bypass a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability was fixed in Firefox 140 and Thunderbird 140...
CVE-2017-18350
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name...
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "takes advantage of misconfigured DNS records to pass email protection techniques,"...
MGASA-2024-0386 Updated glib2.0 packages fix security vulnerability
Buffer overflow in socks proxy code in glib 2.82.1. CVE-2024-52533...
Updated glib2.0 packages fix security vulnerability
Buffer overflow in socks proxy code in glib 2.82.1. CVE-2024-52533...
OESA-2024-2435 glib2 security update
GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: gio/gsocks4aproxy.c in GNOME GLib before...
SUSE CVE-2024-52533
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0' character...
Living off the land with native SSH and split tunnelling
TL;DR Attackers can use Microsoft native SSH client to forward out internal network traffic Windows native SSH is common The attack only needs minimal set-up and commands Quicker and more cost effective for an attacker than using C2 infrastructure Reduces likelihood of Blue team detection...
CVE-2024-25398
In Srelay the SOCKS proxy and Relay v.0.4.8p3, a specially crafted network payload can trigger a denial of service condition and disrupt the service...
CVE-2024-25398
In Srelay the SOCKS proxy and Relay v.0.4.8p3, a specially crafted network payload can trigger a denial of service condition and disrupt the service...
CVE-2024-25398
In Srelay the SOCKS proxy and Relay v.0.4.8p3, a specially crafted network payload can trigger a denial of service condition and disrupt the service...
Srelay Security Vulnerabilities
Srelay is a SOCKS proxy and relay from Sourceforge open source. A security vulnerability exists in Srelay version v.0.4.8p3. An attacker exploited the vulnerability to trigger a denial of service condition and interrupt service via a specially crafted network payload...
MaccaroniC2 - A PoC Command And Control Framework That Utilizes The Powerful AsyncSSH
MaccaroniC2 is a proof-of-concept Command and Control framework that utilizes the powerful AsyncSSH Python library which provides an asynchronous client and server implementation of the SSHv2 protocol and use PyNgrok wrapper for ngrok integration. This tool is inspired for a specific scenario whe...
OESA-2023-1762 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5...
USN-6429-3 curl vulnerabilities
USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote...
Important: curl
Issue Overview: An issue was found in curl that can cause a buffer overflow in its SOCKS5 proxy communications code. When curl is using a SOCKS5 proxy and it needs to resolve a hostname to an IP address, its default behavior is to pass the hostname to the proxy and allow it to perform the...
Who and What is Behind the Malware Proxy Service SocksEscort?
Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service...
K55225440: BIG-IP SOCKS proxy vulnerability CVE-2017-6148
Security Advisory Description Responses to SOCKS proxy requests made through the BIG-IP system may cause a disruption of service provided by the Traffic Management Microkernel TMM. The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a virtual server. The control...