54 matches found
EUVD-2020-7909
Malware in sbrugna...
Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation
Impact Matrix Media Repo MMR is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. Patches This is fixed in MMR v1.3.8. Workarounds Restricting which hosts MMR is allowed to contact via local firewall rules or a transparent...
CVE-2024-52602
CVE-2024-52602 affects Matrix Media Repo (MMR), a multi-homeserver media repository for Matrix. An SSRF (server-side request forgery) vulnerability could cause MMR to fetch and serve content from a private network accessible to the server under certain conditions. The issue is mitigated by upgrad...
Fortinet Fortigate fails to block malformed HTTP/S traffic when transparent proxy is enabled (FG-IR-20-172)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-172 advisory. - When traffic other than HTTP/S eg: SSH traffic, etc... traverses the FortiGate in version below 6.2.5 and below 6.4.2 on po...
CVE-2024-34713 sshproxy vulnerable to SSH option injection
sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are...
CVE-2021-47152
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to...
CVE-2021-47152
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to...
CVE-2021-47152 mptcp: fix data stream corruption
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to...
CVE-2021-47152
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to...
PT-2024-11201 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the MPTCP protocol in the Linux kernel, where the mptcp frag can collapse to function assumes that only MPTCP will use the given page frag. However, if other...
Fallback handlers can trick users into calling functions of the AmbireAccount contract
Lines of code Vulnerability details Fallback handlers can trick users into calling functions of the AmbireAccount contract Selector clashing can be used to trick users into calling base functions of the wallet. Impact Fallback handlers provide extensibility to the Ambire wallet. The main idea her...
kernel: netfilter: nft_tproxy: restrict to prerouting hook
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttproxy: restrict to prerouting hook TPROXY is only allowed from prerouting, but nfttproxy doesn't check this. This fixes a crash null dereference when using tproxy from e.g. output...
K33444350: F5 SSL Orchestrator vulnerability CVE-2019-6630
Security Advisory Description Undisclosed traffic flow may cause TMM to restart under certain circumstances. CVE-2019-6630 Impact A remote attacker may be able to disrupt service by causing the Traffic Management Microkernel TMM to restart. This issue only affects F5 SSL Orchestrator systems...
CVE-2021-27768
Using the ability to perform a Man-in-the-Middle MITM attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode...
CVE-2020-15938
When traffic other than HTTP/S eg: SSH traffic, etc... traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header...
Design/Logic Flaw
When traffic other than HTTP/S eg: SSH traffic, etc... traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header...
CVE-2020-15938
Fortinet FortiGate vulnerability CVE-2020-15938 affects FortiGate devices where non-HTTP/S traffic (e.g., SSH) on ports 80/443 is not redirected to the transparent proxy due to missing valid HTTP headers, allowing bypass of the proxy policy. Affected versions include FortiGate below 6.2.5 and bel...
CVE-2020-15938
When traffic other than HTTP/S eg: SSH traffic, etc... traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header...
Fortinet FortiGate 安全漏洞
Fortinet FortiGate is a suite of network security platforms from the American company Fiat Fortinet. The platform provides firewall, antivirus and intrusion prevention IPS, application control, anti-spam, wireless controller, and WAN acceleration. A security vulnerability exists in FortiGate. The...
Protect
When traffic other than HTTP/S eg: SSH traffic, etc... traverses the FortiOS on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header...