JLSEC-2025-166 gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflo...

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0' character...

Unity Linux 20.1070a Security Update: glib2 (UTSA-2025-987416)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987416 advisory. gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0'...

TencentOS Server 3: glib2 (TSSA-2025:0689)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0689 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

OESA-2024-2436 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: gio/gsocks4aproxy.c in GNOME GLib before...

OESA-2024-2382 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: gio/gsocks4aproxy.c in GNOME GLib before...

CVE-2024-52533

A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4CONNMSGLEN. This issue may lead to an application crash or other undefined behavior...

AZL-52639 CVE-2024-52533 affecting package glib for versions less than 2.78.1-5

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0' character...

UBUNTU-CVE-2024-52533

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0' character...

CVE-2024-52533

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0' character...

SSRFmap - Automatic SSRF Fuzzer And Exploitation Tool

SSRF are often used to leverage actions on other services, this framework aims to find and exploit these services easily. SSRFmap takes a Burp request file as input and a parameter to fuzz. Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform...

Thousands of MikroTik Routers Hijacked for Eavesdropping

A full 7,500+ MikroTik routers are forwarding their owners’ traffic to eavesdropping cybercriminals – while 239,000 more have had their Socks4 proxy enabled, maliciously and surreptitiously. This means the bad actors can gain access to any of the files or data being passed by the router to and fr...

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially...

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially...

CVE-2007-4991

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...

Design/Logic Flaw

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...

CVE-2007-4991

The CVE-2007-4991 issue affects Microsoft ISA Server 2004 SP1 and SP2, where the SOCKS4 Proxy can leak the destination IP address of another user’s session. The root cause is that an empty packet to the SOCKS4 proxy elicits a response containing the last IP address proxied through the server. Imp...

CVE-2007-4991

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...

Microsoft ISA Server SOCKS4 Proxy Connection Leakage Vulnerability

This vulnerability allows remote attackers to extract IP addresses visited through the SOCKS4 Proxy on vulnerable ISA Server installations. Authentication is not required to exploit this vulnerability. This specific flaw exists when an empty packet is sent to the SOCKS4. The server will return a...