MidnightBSD

Advisories for shadowsocks

CVE-2017-15924 HIGH

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
shadowsocks shadowsocks-libev 1.6.3
shadowsocks shadowsocks-libev 2.1.1
shadowsocks shadowsocks-libev 2.0.8
shadowsocks shadowsocks-libev 2.4.2
shadowsocks shadowsocks-libev 3.0.3
shadowsocks shadowsocks-libev 3.0.0
shadowsocks shadowsocks-libev 1.6.4
shadowsocks shadowsocks-libev 1.4.8
shadowsocks shadowsocks-libev 2.4.8
shadowsocks shadowsocks-libev 2.4.0
shadowsocks shadowsocks-libev 2.5.5
shadowsocks shadowsocks-libev 3.0.7
shadowsocks shadowsocks-libev 1.3.2
shadowsocks shadowsocks-libev 2.4.1
shadowsocks shadowsocks-libev 2.0.1
shadowsocks shadowsocks-libev 2.3.0
shadowsocks shadowsocks-libev 3.1.0
shadowsocks shadowsocks-libev 2.0.7
shadowsocks shadowsocks-libev 2.1.0
shadowsocks shadowsocks-libev 2.4.5
shadowsocks shadowsocks-libev 2.6.1
shadowsocks shadowsocks-libev 2.5.4
shadowsocks shadowsocks-libev 2.6.2
shadowsocks shadowsocks-libev 2.6.3
shadowsocks shadowsocks-libev 3.0.1
shadowsocks shadowsocks-libev 2.3.3
shadowsocks shadowsocks-libev 2.5.1
debian debian_linux 9.2
shadowsocks shadowsocks-libev 2.6.0
shadowsocks shadowsocks-libev 3.0.2
shadowsocks shadowsocks-libev 3.0.6
shadowsocks shadowsocks-libev 2.1.3
shadowsocks shadowsocks-libev 1.6.2
shadowsocks shadowsocks-libev 2.1.4
shadowsocks shadowsocks-libev 2.5.6
shadowsocks shadowsocks-libev 1.4.6
shadowsocks shadowsocks-libev 2.3.2
shadowsocks shadowsocks-libev 2.5.3
shadowsocks shadowsocks-libev 2.4.7
shadowsocks shadowsocks-libev 2.3.1
shadowsocks shadowsocks-libev 1.4.1
shadowsocks shadowsocks-libev 1.3
shadowsocks shadowsocks-libev 2.0.6
shadowsocks shadowsocks-libev 1.6.1
shadowsocks shadowsocks-libev 1.4.0
shadowsocks shadowsocks-libev 3.0.8
shadowsocks shadowsocks-libev 1.4.4
shadowsocks shadowsocks-libev 2.0.3
shadowsocks shadowsocks-libev 2.2.1
shadowsocks shadowsocks-libev 2.0.5
shadowsocks shadowsocks-libev 2.2.2
shadowsocks shadowsocks-libev 2.5.0
shadowsocks shadowsocks-libev 2.0.4
shadowsocks shadowsocks-libev 2.4.3
shadowsocks shadowsocks-libev 1.4.7
shadowsocks shadowsocks-libev 3.0.5
shadowsocks shadowsocks-libev 2.4.4
shadowsocks shadowsocks-libev 2.2.0
shadowsocks shadowsocks-libev 1.4.5
shadowsocks shadowsocks-libev 1.5.0
shadowsocks shadowsocks-libev 1.5.1
shadowsocks shadowsocks-libev 1.5.3
shadowsocks shadowsocks-libev 2.2.3
shadowsocks shadowsocks-libev 2.4.6
shadowsocks shadowsocks-libev 2.1.2
shadowsocks shadowsocks-libev 3.0.4
shadowsocks shadowsocks-libev 2.0.2
shadowsocks shadowsocks-libev 1.4.3
shadowsocks shadowsocks-libev 1.4.2
shadowsocks shadowsocks-libev 1.5.2
shadowsocks shadowsocks-libev 2.5.2
CVE-2019-5152 MEDIUM

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An attacker can send arbitrary packets to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 2.2 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,CWE-306,

Products Affected

Vendor Product Version
shadowsocks shadowsocks-libev 3.3.2
CVE-2019-5163 MEDIUM

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,CWE-306,

Products Affected

Vendor Product Version
opensuse backports sle-15
opensuse leap 15.1
shadowsocks shadowsocks-libev 3.3.2
CVE-2019-5164 MEDIUM

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,CWE-306,

Products Affected

Vendor Product Version
opensuse backports_sle 15.0
opensuse leap 15.1
shadowsocks shadowsocks-libev 3.3.2
CVE-2023-27574

ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
shadowsocks shadowsocksx-ng 1.10.0