135 matches found
Nmap NSE 6.01: socks-open-proxy
Checks if an open socks proxy is running on the target. The script attempts to connect to a proxy server and send socks4 and socks5 payloads. It is considered an open proxy if the script receives a Request Granted response from the target port. The payloads try to open a connection to...
Tor-Powered Botnet Linked to Malware Coder's AMA on Reddit
In the process of analyzing a seemingly new and fairly small botnet called Skynet, Rapid7 security researchers determined that this was precisely the same network described by its creator in a particularly bold ‘Ask Me Anything’ AMA on the social news site Reddit earlier this year. Claudio...
socks-auth-info NSE Script
Determines the supported authentication mechanisms of a remote SOCKS proxy server. Starting with SOCKS version 5 socks servers may support authentication. The script checks for the following authentication types: 0 - No authentication 1 - GSSAPI 2 - Username and password Example Usage nmap -p 108...
CVE-2011-2778
Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code by 1 establishing a SOCKS connection to SocksPort or 2 leveraging a SOCKS proxy configuration...
Heap overflow
Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code by 1 establishing a SOCKS connection to SocksPort or 2 leveraging a SOCKS proxy configuration...
CVE-2011-2778
Tor vulnerability CVE-2011-2778 involves a heap-based buffer overflow in or/buffers.c that could allow remote code execution or memory corruption when using SocksPort or SOCKS proxy configuration. Affected product: Tor. Impact: remote attacker may cause memory corruption or execute arbitrary code...
Aldi Bot - Buy a Botnet just in 10 Euros
Aldi Bot - Buy a Botnet just in 10 Euros Researchers of German security firm G Data have discovered that a bot builder dubbed "Aldi Bot" is currently being offered for that much on underground forums. The Aldi Bot Builder appears to be based on the ZeuS source code. The malware has nothing to do...
[SECURITY] Fedora 14 Update: tor-0.2.1.30-1400.fc14
Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the...
Nmap NSE: Socks Open Proxy
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla data corruption with SOCKS5 reply
Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service data stream corruption via a long domain name in a reply...
OpenJDK Proxy mechanism information leaks (6801071)
The SOCKS proxy implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted 1 applet or 2 Java Web Start application via unspecified vectors...
OpenJDK Proxy mechanism information leaks (6801071)
The SOCKS proxy implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted 1 applet or 2 Java Web Start application via unspecified vectors...
SuSE 11 Security Update : IBM Java 1.6.0 (SAT Patch Number 1497)
The IBM Java 6 JRE/SDK was updated to Service Release 6, fixing various bugs and security issues. The following security issues were fixed : - A security vulnerability in the JNLPAppletLauncher might impact users of the Sun JDK and JRE. Non-current versions of the JNLPAppletLauncher might be...
SuSE 11 Security Update : Sun Java 1.6.0 (SAT Patch Number 1163)
The Sun Java JRE /JDK 6 was updated to Update 15 fixing various security issues. - The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted applets and 2 Java...
OpenJDK Proxy mechanism information leaks (6801071)
The SOCKS proxy implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted 1 applet or 2 Java Web Start application via unspecified vectors...
Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2009:209)
Multiple Java OpenJDK security vulnerabilities has been identified and fixed : The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation specifies an HMAC truncation length HMACOutputLength but does not require a minimum for its length, which allows attackers to spoof...
openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1161)
The Sun Java JRE /JDK 6 was updated to Update 15 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted apple...
openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1161)
The Sun Java JRE /JDK 6 was updated to Update 15 fixing various security issues. CVE-2009-2670: The audio system in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by 1 untrusted apple...
OpenJDK Proxy mechanism information leaks (6801071)
The SOCKS proxy implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted 1 applet or 2 Java Web Start application via unspecified vectors...
OpenJDK Proxy mechanism information leaks (6801071)
The SOCKS proxy implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted 1 applet or 2 Java Web Start application via unspecified vectors...