EUVD-2019-14769

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-5164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can...

SUSE CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

Mageia: Security Advisory (MGASA-2020-0006)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated shadowsocks-libev packages fix security vulnerabilities

Updated shadowsocks-libev packages fix security vulnerabilities: Exploitable denial-of-service vulnerability exists in the UDPRelay functionality CVE-2019-5163. Code execution vulnerability in the ss-manager binary CVE-2019-5164...

DEBIAN-CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

Remote code execution

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

UBUNTU-CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...

CVE-2019-5164

CVE-2019-5164 affects shadowsocks-libev, specifically the ss-manager binary (version 3.3.2). A vulnerability in processing specially crafted network packets can lead to arbitrary code execution and privilege escalation on the host. The issue is tied to the ss-manager component and has been addres...

Shadowsocks-libev Access Control Error Vulnerability (CNVD-2020-00259)

Shadowsocks-libev is a lightweight secure SOCKS5 agent for embedded devices. An access control error vulnerability exists in the ss-manager binary in Shadowsocks-libev version 3.3.2, which can be exploited by an attacker to elevate privileges and execute arbitrary code...

Shadowsocks-libev ss-manager add_server Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to...

shadowsocks-libev command execution vulnerability

shadowsocks-libev is a SOCKS5 proxy for embedded devices written in C. ss-manager is one of the ss management tools. A security vulnerability exists in the manager.c file of ss-manager in shadowsocks-libev version 3.1.0. An attacker can exploit this vulnerability to execute commands...

UBUNTU-CVE-2017-15924

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the addserver, buildconfig, and constructcommandline functions...

CVE-2017-15924

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the addserver, buildconfig, and constructcommandline functions...

CVE-2017-15924

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the addserver, buildconfig, and constructcommandline functions...

CVE-2017-15924

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the addserver, buildconfig, and constructcommandline functions...

CVE-2017-15924

CVE-2017-15924 affects shadowsocks-libev (ss-manager) on version 3.1.0. Improper parsing of a JSON configuration request received via 127.0.0.1 UDP traffic enables local command injection through shell metacharacters in add_server, build_config, and construct_command_line pathways, potentially al...