Описание
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 3.3.3+ds-3 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 3.3.3+ds-3 |
| esm-apps/jammy | not-affected | 3.3.3+ds-3 |
| esm-apps/noble | not-affected | 3.3.3+ds-3 |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | 3.3.3+ds-3 |
Показывать по
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability.
An exploitable code execution vulnerability exists in the ss-manager b ...
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability.
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3