Lucene search
K

123 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/11 12:0 a.m.51 views

FreeBSD : curl -- SOCKS5 heap buffer overflow (d6c19e8c-6806-11ee-9464-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d6c19e8c-6806-11ee-9464-b42e991fc52e advisory. - CVE-2023-38545 is a heap-based buffer overflow vulnerability in the SOCKS5 proxy handshake in libcurl...

9.8CVSS7.8AI score0.78483EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2023/10/11 12:0 a.m.541 views

Curl 7.69 < 8.4.0 Heap Buffer Overflow

The version of curl installed on the remote host is affected by a heap based buffer overflow in the SOCKS5 proxy handshake. When curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that...

9.8CVSS7.8AI score0.78483EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2023/10/11 12:0 a.m.37 views

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2023-284-01)

The version of curl installed on the remote host is prior to 8.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-284-01 advisory. - CVE-2023-38545 is a heap-based buffer overflow vulnerability in the SOCKS5 proxy handshake in libcurl and curl. When curl is...

9.8CVSS8.2AI score0.78483EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2023/10/11 12:0 a.m.54 views

Debian DSA-5523-1 : curl - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5523 advisory. - CVE-2023-38545 is a heap-based buffer overflow vulnerability in the SOCKS5 proxy handshake in libcurl and curl. When curl is given a hostname to pass along...

9.8CVSS7.9AI score0.78483EPSS
Exploits6References8
Kitploit
Kitploit
added 2023/06/25 12:30 p.m.39 views

Gato - GitHub Self-Hosted Runner Enumeration And Attack Tool

Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization. The tool also allows searching for and thoroughly enumerating publ...

7.7AI score
Exploits0References6
The Hacker News
The Hacker News
added 2023/05/29 9:50 a.m.2 views

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Linux routers in Japan are the target of a new Golang remote access trojan RAT called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center JPCERT/CC...

7.2AI score
Exploits0
NVD
NVD
added 2023/04/25 9:15 p.m.20 views

CVE-2023-29011

Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...

7.8CVSS7.5AI score0.00381EPSS
Exploits0References2
Prion
Prion
added 2023/04/25 9:15 p.m.12 views

Hardcoded credentials

Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...

4.4CVSS7.5AI score0.00381EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/25 8:40 p.m.11 views

CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing

Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...

7.5CVSS7.6AI score0.00381EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/25 8:40 p.m.49 views

CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing

Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...

7.5CVSS8AI score0.00381EPSS
Exploits0References2
OSV
OSV
added 2023/04/25 8:40 p.m.25 views

CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing

Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...

7.5CVSS8AI score0.00381EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.5 views

SUSE CVE-2004-0409

Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code...

7.5CVSS8.3AI score0.08961EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.3 views

SUSE CVE-2009-2470

Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service data stream corruption via a long domain name in a reply...

5CVSS8.5AI score0.01991EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/27 12:0 a.m.6 views

SOCKS5 Proxy Package for Go 安全漏洞

SOCKS5 Proxy Package for Go is an open source SOCKS5 proxy library for Go by Bitcoin in Go. SOCKS5 Proxy Package for Go suffers from a security vulnerability that stems from the fact that the RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loo...

7.5CVSS7.4AI score0.00782EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2022/12/16 4:16 p.m.553 views

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169 Cacti Blind Remote Code Execution Pre-Auth...

9.8CVSS10AI score0.99826EPSS
Exploits48
Positive Technologies
Positive Technologies
added 2022/08/03 12:0 a.m.13 views

PT-2023-5883

Name of the Vulnerable Software and Affected Versions curl versions 7.82.0 through 8.4.0 libcurl versions 7.82.0 through 8.4.0 MySQL versions 5.7.43 and earlier, 8.0.34 and earlier, 8.1.0 and earlier Description curl and libcurl are vulnerable to a heap buffer overflow in the SOCKS5 proxy...

9.8CVSS7.7AI score0.78483EPSS
Exploits6
The Hacker News
The Hacker News
added 2022/03/16 2:18 p.m.57 views

New "B1txor20" Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw

A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits. Qihoo 360's Netlab security team called it B1txor20 "based on its propagation using the file name...

1.5AI score
Exploits0
Kitploit
Kitploit
added 2021/05/18 9:30 p.m.67 views

Msldap - LDAP Library For Auditing MS AD

msldap LDAP library for MS AD Documentation Awesome documentation here! Features Comes with a built-in console LDAP client All parameters can be conrolled via a conveinent URL see below Supports integrated windows authentication SSPI both with NTLM and with KERBEROS Supports channel binding for...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2019/08/05 5:39 p.m.70 views

Puzzling Gwmndy Botnet Focuses on Low-Volume Proxy Connections

An odd botnet has been spotted targeting Fiberhome routers, in a quest to add 200 of them per day to its botnet web. That’s a low number in the world of botnets, according to 360 Netlab researchers, which observed a previously unknown malware strain called Gwmndy after the attackers’ domain name...

0.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/07/12 4:9 p.m.214 views

Unusual Linux Ransomware Targets NAS Servers

A rare instance of ransomware targeting Linux-based file storage systems network-attached storage servers, specifically has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to...

7.5AI score
Exploits0References6
Rows per page
Query Builder