6 matches found
EUVD-2023-32624
Malicious code in bioql PyPI...
GitHub: CVE-2023-29011 The config file of `connect.exe` is susceptible to malicious placing
...
Hardcoded credentials
Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...
CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing
Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...
CVE-2023-29011
Summary of CVE-2023-29011 (Git for Windows): The Windows port of Git ships with connect.exe, a SOCKS5 proxy, which reads a config file at a hard-coded path (/etc/connectrc). On Windows this path is interpreted as C:\etc\connectrc, which an authenticated user on a multi-user system can create or m...
CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing
Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...