CVE-2015-3887

Published: Sep 21, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20150513 Re: CVE request for proxychains-ng : current path as the first directory for the library search path

mailing-list

x_refsource_MLIST

https://github.com/rofl0r/proxychains-ng/commit/9ab7dbeb3baff67a51d0c5e71465c453be0890b5#diff-803c5170888b8642f2a97e5e9423d399

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1147013

x_refsource_CONFIRM

74648

vdb-entry

x_refsource_BID

https://github.com/rofl0r/proxychains-ng/blob/v4.9/README#L56

x_refsource_CONFIRM

https://github.com/rofl0r/proxychains-ng/issues/60

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-3887

Description

Affected Products

References