252 matches found

RedHat Linux
added 2024/11/05 3:28 a.m. | 1 view

libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion

A flaw was found in libproxy in versions 0.4 through 0.4.15. A remote HTTP server can trigger an uncontrolled recursion via a response composed of an infinite stream that lacks a newline character leading to a stack exhaustion. The highest threat from this vulnerability is to system availability...

CVSS 7.5 | AI score 5.8 | EPSS 0.00449
Exploits: 1 | References: 4

OSV
added 2024/09/16 8:55 p.m. | 18 views

RHSA-2024:6205 Red Hat Security Advisory: libproxy security update

Bulletin has no description...

CVSS 7.5 | AI score 8.6 | EPSS 0.00717
Exploits: 1 | References: 11

OSV
added 2024/09/15 8:24 p.m. | 6 views

RHSA-2012:1461 Red Hat Security Advisory: libproxy security update

Bulletin has no description...

CVSS 10 | AI score 6 | EPSS 0.04366
Exploits: 0 | References: 7

RedHat Linux
added 2024/09/03 4:18 p.m. | 4 views

libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion

A flaw was found in libproxy in versions 0.4 through 0.4.15. A remote HTTP server can trigger an uncontrolled recursion via a response composed of an infinite stream that lacks a newline character leading to a stack exhaustion. The highest threat from this vulnerability is to system availability...

CVSS 7.5 | AI score 7.3 | EPSS 0.00449
Exploits: 1 | References: 4

RedHat Linux
added 2024/09/03 4:18 p.m. | 3 views

libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow

A vulnerability was found in libproxy, where a buffer overflow can occur if a server serving a PAC file sends more than 102400 bytes without a Content-Length header. This flaw allows an attacker to trigger an overflow of PAC_HTTP_BLOCK_SIZE (512 bytes), potentially leading to application crashes or...

CVSS 9.8 | AI score 7.5 | EPSS 0.00717
Exploits: 0 | References: 4

RedHat Linux
added 2024/09/03 4:18 p.m. | 332 views

Moderate: Red Hat Security Advisory: libproxy security update

An update for libproxy is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 9.8 | AI score 7.4 | EPSS 0.00717
Exploits: 1 | References: 3

Tenable Nessus
added 2024/09/03 12:0 a.m. | 36 views

RHEL 8 : libproxy (RHSA-2024:6205)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6205 advisory. The libproxy packages provide a library that handles all the details of proxy configuration. The libproxy library provides a stable external...

CVSS 9.8 | AI score 8.3 | EPSS 0.00717
Exploits: 1 | References: 7

OSSF Malicious Packages
added 2024/06/25 1:36 p.m. | 3 views

Malicious code in libproxy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cd7d095572ec4dd86648a86d8a9ee88e4c5b11e02bc519a951d3c41539d6e6c0 --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2023-11-update-information-endpoint Reasons based on the...

AI score 7.6
Exploits: 0 | References: 4

OSV
added 2024/06/25 1:36 p.m. | 5 views

MAL-2024-5323 Malicious code in libproxy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cd7d095572ec4dd86648a86d8a9ee88e4c5b11e02bc519a951d3c41539d6e6c0 --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2023-11-update-information-endpoint Reasons based on the...

AI score 7.5
Exploits: 0 | References: 4

OSV
added 2024/06/15 12:0 a.m. | 7 views

OPENSUSE-SU-2024:10327-1 libproxy-devel-0.4.13-7.1 on GA media

These are all security issues fixed in the libproxy-devel-0.4.13-7.1 package on the GA media of openSUSE Tumbleweed...

CVSS 10 | AI score 6.2 | EPSS 0.05628
Exploits: 0 | References: 1

OSV
added 2024/06/15 12:0 a.m. | 16 views

OPENSUSE-SU-2024:10973-1 libproxy-devel-0.4.17-2.2 on GA media

These are all security issues fixed in the libproxy-devel-0.4.17-2.2 package on the GA media of openSUSE Tumbleweed...

CVSS 9.8 | AI score 8.8 | EPSS 0.00717
Exploits: 1 | References: 2

Tenable Nessus
added 2024/06/03 12:0 a.m. | 28 views

RHEL 8 : libproxy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion CVE-2020-25219 Note th...

CVSS 7.5 | AI score 9.5 | EPSS 0.00449
Exploits: 1 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 8 views

RHEL 6 : libproxy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libproxy: format string flaw in bin/proxy CVE-2012-5580 Note that Nessus has not tested for this issue but has...

CVSS 7.5 | AI score 6.5 | EPSS 0.00802
Exploits: 1 | References: 1

Tenable Nessus
added 2024/05/11 12:0 a.m. | 24 views

RHEL 7 : libproxy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion CVE-2020-25219 Note th...

AI score 7.6 | EPSS 0.00449
Exploits: 1 | References: 1

Tenable Nessus
added 2024/05/11 12:0 a.m. | 21 views

RHEL 6 : libproxy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion CVE-2020-25219 Note th...

AI score 6.5 | EPSS 0.00449
Exploits: 1 | References: 1

Prion
added 2023/03/05 5:15 a.m. | 15 views

Format string

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...

CVSS 5.1 | AI score 7.1 | EPSS 0.00471
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2023/03/05 5:15 a.m. | 1 view

UBUNTU-CVE-2015-10088

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...

CVSS 8.1 | AI score 5.2 | EPSS 0.00471
Exploits: 0 | References: 3

Cvelist
added 2023/03/05 5:0 a.m. | 18 views

CVE-2015-10088 ayttm proxy.c http_connect format string

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...

CVSS 5 | AI score 8.1 | EPSS 0.00471
Exploits: 0 | References: 4

CVE
added 2023/03/05 5:0 a.m. | 50 views

CVE-2015-10088

CVE-2015-10088 affects ayttm up to 0.5.0.89, specifically the http_connect function in libproxy/proxy.c, where a format string vulnerability exists. The issue can be executed remotely and is described as high severity with complex exploitability. A patch is available (hash: 40e04680018614a7d2b685...

CVSS 8.1 | AI score 6.5 | EPSS 0.00471
Exploits: 0 | References: 4 | Affected Software: 1

Positive Technologies
added 2023/03/05 12:0 a.m. | 2 views

PT-2023-10267 · Ayttm · Ayttm

Name of the Vulnerable Software and Affected Versions: ayttm versions up to 0.5.0.89. Description: A critical vulnerability was found in ayttm, affecting the function http_connect in the library libproxy/proxy.c. The manipulation leads to a format string issue, which can be initiated remotely. The...

CVSS 8.1 | AI score 7.3 | EPSS 0.00471
Exploits: 0 | References: 10