Lucene search
K

60 matches found

The Hacker News
The Hacker News
added 2018/09/04 9:53 a.m.1 views

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially...

9.1CVSS8.2AI score0.96087EPSS
Exploits23
The Hacker News
The Hacker News
added 2018/09/04 9:53 a.m.432 views

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially...

9.1CVSS0.5AI score0.96087EPSS
Exploits23
Kitploit
Kitploit
added 2015/03/19 12:36 a.m.90 views

ProxyDroid - Set Proxys (Http / Socks4 / Socks5) on your Android devices

ProxyDroid is an app that can help you to set the proxy http / socks4 / socks5 on your android devices. FEATURES 1. Support HTTP / HTTPS / SOCKS4 / SOCKS5 proxy 2. Support basic / NTLM / NTLMv2 authentication methods 3. Individual proxy for only one or several apps 4. Multiple profiles support 5...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

AN HTTPD 1.38/1.39/1.40/1.41 Malformed SOCKS4 Request Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, it handles user...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/09/22 12:0 a.m.14 views

Microsoft ISA Server SOCKS4代理连接远程信息泄露漏洞

Microsoft ISA Server是一款企业防火墙、虚拟专用网(VPN)和Web缓存解决方案。 Microsoft ISA Server SOCKS4代理存在设计错误,远程攻击者可以利用漏洞获得IP地址敏感信息。 发送给空报文给ISA Server SOCKS4代理,服务器会返回包含上一个代理的IP地址信息给攻击者,导致敏感信息泄露。 Microsoft ISA Server 2004 SP2 Microsoft ISA Server 2004 SP1 补丁下载: Microsoft ISA Server 2004 SP2 Microsoft Microsoft Internet...

7AI score
Exploits0
NVD
NVD
added 2007/09/21 7:17 p.m.25 views

CVE-2007-4991

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...

5CVSS6.1AI score0.16148EPSS
Exploits0References5
Prion
Prion
added 2007/09/21 7:17 p.m.14 views

Design/Logic Flaw

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...

5CVSS6.6AI score0.16148EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/09/21 6:0 p.m.29 views

CVE-2007-4991

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...

6.1AI score0.16148EPSS
Exploits0References5
CVE
CVE
added 2007/09/21 6:0 p.m.49 views

CVE-2007-4991

The CVE-2007-4991 issue affects Microsoft ISA Server 2004 SP1 and SP2, where the SOCKS4 Proxy can leak the destination IP address of another user’s session. The root cause is that an empty packet to the SOCKS4 proxy elicits a response containing the last IP address proxied through the server. Imp...

5CVSS6.1AI score0.16148EPSS
Exploits0References5Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2007/09/20 12:0 a.m.28 views

Microsoft ISA Server SOCKS4 Proxy Connection Leakage Vulnerability

This vulnerability allows remote attackers to extract IP addresses visited through the SOCKS4 Proxy on vulnerable ISA Server installations. Authentication is not required to exploit this vulnerability. This specific flaw exists when an empty packet is sent to the SOCKS4. The server will return a...

5CVSS4AI score0.16148EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.18 views

Connect back to SOCKS4 server

It was possible to connect to the SOCKS4 server through itself. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7AI score
Exploits0
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.22 views

CVE-2002-1930

Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username...

7.9AI score0.05463EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2005/02/20 12:0 a.m.37 views

SOCKS4 Server Recursive Connection Remote DoS

It is possible to connect to the SOCKS4 server through itself. An attacker can leverage this issue to saturate the host's CPU, memory or file descriptors. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid17155; scriptversion "1.12"; scriptnameenglish:"SOCKS4 Server...

5.5AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-1930

Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username...

7.5CVSS7.9AI score0.05463EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2002/11/25 12:0 a.m.24 views

NEC SOCKS4 Module Username Handling Remote Overflow

The SOCKS4 service running on the remote host crashes when it receives a request with a long username. An attacker may be able to leverage this issue to disable the remote service or even execute arbitrary code on the affected host. C Tenable Network Security, Inc. References: Message-ID: Date:...

10CVSS5.7AI score0.06887EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2002/10/22 12:0 a.m.19 views

anhttpd141c_exploit.java

Advisory Information -------------------- Name : AN HTTPD Vendor Homepage : http://www.st.rim.or.jp/nakata/ Platforms : Windows9x/Me/NT/2000/XP Vulnerability Type : stack overflow very easy to exploit Vendor Contacted : 17/10/2002 Vendor Replied : 20/10/2002 Vulnerable Versions : 1.30 to 1.41c No...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/10/21 12:0 a.m.20 views

AN HTTPD 1.381.391.401.41 - SOCKS4 Buffer Overflow

AN HTTPD 1.381.391.401.41 - SOCKS4 Buffer Overflow source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, ...

1.1AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/21 12:0 a.m.25 views

AN HTTPD 1.38/1.39/1.40/1.41 - 'SOCKS4' Buffer Overflow

source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, it handles user names in an unsafe manner. An...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2000/08/03 4:0 a.m.25 views

CVE-2000-0659

Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request...

6.9AI score0.01453EPSS
Exploits1References2
NVD
NVD
added 2000/07/25 4:0 a.m.14 views

CVE-2000-0659

Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request...

5CVSS6.9AI score0.01453EPSS
Exploits1References2
Rows per page
Query Builder