60 matches found
Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic
Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially...
Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic
Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially...
ProxyDroid - Set Proxys (Http / Socks4 / Socks5) on your Android devices
ProxyDroid is an app that can help you to set the proxy http / socks4 / socks5 on your android devices. FEATURES 1. Support HTTP / HTTPS / SOCKS4 / SOCKS5 proxy 2. Support basic / NTLM / NTLMv2 authentication methods 3. Individual proxy for only one or several apps 4. Multiple profiles support 5...
AN HTTPD 1.38/1.39/1.40/1.41 Malformed SOCKS4 Request Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, it handles user...
Microsoft ISA Server SOCKS4代理连接远程信息泄露漏洞
Microsoft ISA Server是一款企业防火墙、虚拟专用网(VPN)和Web缓存解决方案。 Microsoft ISA Server SOCKS4代理存在设计错误,远程攻击者可以利用漏洞获得IP地址敏感信息。 发送给空报文给ISA Server SOCKS4代理,服务器会返回包含上一个代理的IP地址信息给攻击者,导致敏感信息泄露。 Microsoft ISA Server 2004 SP2 Microsoft ISA Server 2004 SP1 补丁下载: Microsoft ISA Server 2004 SP2 Microsoft Microsoft Internet...
CVE-2007-4991
The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...
Design/Logic Flaw
The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...
CVE-2007-4991
The SOCKS4 Proxy in Microsoft Internet Security and Acceleration ISA Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information the destination IP address of another user's session via an empty packet...
CVE-2007-4991
The CVE-2007-4991 issue affects Microsoft ISA Server 2004 SP1 and SP2, where the SOCKS4 Proxy can leak the destination IP address of another user’s session. The root cause is that an empty packet to the SOCKS4 proxy elicits a response containing the last IP address proxied through the server. Imp...
Microsoft ISA Server SOCKS4 Proxy Connection Leakage Vulnerability
This vulnerability allows remote attackers to extract IP addresses visited through the SOCKS4 Proxy on vulnerable ISA Server installations. Authentication is not required to exploit this vulnerability. This specific flaw exists when an empty packet is sent to the SOCKS4. The server will return a...
Connect back to SOCKS4 server
It was possible to connect to the SOCKS4 server through itself. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2002-1930
Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username...
SOCKS4 Server Recursive Connection Remote DoS
It is possible to connect to the SOCKS4 server through itself. An attacker can leverage this issue to saturate the host's CPU, memory or file descriptors. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid17155; scriptversion "1.12"; scriptnameenglish:"SOCKS4 Server...
CVE-2002-1930
Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username...
NEC SOCKS4 Module Username Handling Remote Overflow
The SOCKS4 service running on the remote host crashes when it receives a request with a long username. An attacker may be able to leverage this issue to disable the remote service or even execute arbitrary code on the affected host. C Tenable Network Security, Inc. References: Message-ID: Date:...
anhttpd141c_exploit.java
Advisory Information -------------------- Name : AN HTTPD Vendor Homepage : http://www.st.rim.or.jp/nakata/ Platforms : Windows9x/Me/NT/2000/XP Vulnerability Type : stack overflow very easy to exploit Vendor Contacted : 17/10/2002 Vendor Replied : 20/10/2002 Vulnerable Versions : 1.30 to 1.41c No...
AN HTTPD 1.381.391.401.41 - SOCKS4 Buffer Overflow
AN HTTPD 1.381.391.401.41 - SOCKS4 Buffer Overflow source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, ...
AN HTTPD 1.38/1.39/1.40/1.41 - 'SOCKS4' Buffer Overflow
source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, it handles user names in an unsafe manner. An...
CVE-2000-0659
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request...
CVE-2000-0659
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request...