2 matches found
CVE-2015-3887
CVE-2015-3887 affects ProxyChains-NG up to version 4.9. The vulnerability arises from an untrusted search path: a Trojan horse library libproxychains4.so placed in the current working directory can be loaded via LD_PRELOAD, allowing local privilege escalation. Exploitation is local with no user i...
FreeBSD : proxychains-ng -- current path as the first directory for the library search path (9471ec47-05a2-11e5-8fda-002590263bf5)
Mamoru TASAKA reports : proxychains4 sets LDPRELOAD to dlopen libproxychains4.so and execvp the arbitrary command user has specified. proxychains4 sets the current directory as the first path to search libproxychains4.so %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...