15 matches found
EUVD-2010-1132
Malware in sbrugna...
EUVD-2014-3587
Malware in sbrugna...
TCP Ports get exhausted on the StoreFront server
StoreFront refuses to create connections and we get below events : Event ID 4231 : Request to allocate an ephemeral port number from the global TCP port space has failed due to all such ports being in use. Event ID 4227 : TCP/IP failed to establish an outgoing connection because the selected loca...
CVE-2023-49250
Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...
CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing
Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...
The vulnerability of the randomized generation of port numbers for outgoing TCP connections on Linux kernel ports allows a hacker to predict the port number of an outgoing TCP connection.
The vulnerability of the randomly generated port numbers for outgoing TCP connections in the Linux operating system is related to information disclosure. Exploiting this vulnerability allows a remote attacker to predict the number of the port for outgoing TCP connections...
CVE-2020-8279
Missing validation of server certificates for out-going connections in Nextcloud Social 0.4.0 allowed a man-in-the-middle attack...
Input validation
Missing validation of server certificates for out-going connections in Nextcloud Social 0.4.0 allowed a man-in-the-middle attack...
Nextcloud: Social App does not validate server certificates for outgoing connections
The Social App https://apps.nextcloud.com/apps/social does not validate the server TLS certificate for connections to other ActivityPub servers. These connections are used to retrieve the public key for a user or posting a message to another ActivityPub server. The public key for a user is used t...
Monero: Potential linkage of public/private (anonymous) node addresses
During the handshake for an incoming connection, the peer id is checked against the local node's peer id only for the specific zone of the incoming peer, in order to avoid linking public addresses to tor addresses:...
Black Hat 2018: Patrick Wardle on Breaking and Bypassing MacOS Firewalls
LAS VEGAS – Taking aim at the status-quo of macOS firewalls, researcher Patrick Wardle has made his case for Apple and third-party security firms to beef up their protections. At a session here at Black Hat 2018, Wardle, chief research officer at Digita Security and founder of Mac security compan...
Application Level Firewall OpenSnitch
Application Level Firewall OpenSnitch OpenSnitch is a GNU/Linux port of the Little Snitch application firewall. OpenSnitch is an application level firewall, meaning then while running, it will detect and alert the user for every outgoing connection applications he’s running are creating. This can...
Discourse: SSRF in upload IMG through URL
-Short description Private message function is vulnerable is vulnerable to a SSRF vulnerability which allows an attacker to craft connections originating from servers to any destination on the internet and discourse internal network and craft outgoing UDP-packet for example, to connect to FTP...
DEBIAN-CVE-2011-2768
Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had...
Skype Detection
The remote host is running Skype, a peer-to-peer Voice-Over-IP application. Due to the peer-to-peer nature of Skype, any user connecting to the Skype network may consume a large amount of bandwidth. Make sure the use of this program is done in accordance with your corporate security policy. C...