CVE-2024-35175

CVE-2024-35175 describes a vulnerability in sshpiper where, before version 1.3.0, the proxy protocol listener was enabled as the only listener and lacked a toggle, allowing an attacker to forge the source address of connections. This affects sshpiper (reverse proxy for sshd) for versions 1.0.50–1...

CVE-2024-35175 sshpiper's Enabling of Proxy Protocol without proper feature flagging allows faking source address

sshpiper is a reverse proxy for sshd. Starting in version 1.0.50 and prior to version 1.3.0, the way the proxy protocol listener is implemented in sshpiper can allow an attacker to forge their connecting address. Commit 2ddd69876a1e1119059debc59fe869cb4e754430 added the proxy protocol listener as...

CVE-2022-24594

In waline 1.6.1, an attacker can submit messages using X-Forwarded-For to forge any IP address...

Sentinel is a compact anti-sniffer tools-vulnerability warning-the black bar safety net

by xundi This morning a friend asked me, say what tool found in the network to be sniffing the better, I say ISS the anti-Sniffer? he said too slow! Later to remember the previous visiting network when seen Such a program is also antisniffer type, so they put it to find out. The Sentinel is...