SB2019120415 - Multiple vulnerabilities in Shadowsocks-libev

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2019-5152)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists in the network packet handling functionality when utilizing a Stream Cipher. A remote attacker can send a specially crafted set of network packets, cause an outbound connection from the server and gain unauthorized access to sensitive information on the system.

2) Missing Authentication for Critical Function (CVE-ID: CVE-2019-5164)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an insufficient authentication mechanism in the ss-manager binary. A remote authenticated attacker can send a specially crafted network packets to ss-manager, cause an arbitrary binary to run and execute arbitrary code on the target system.

Remediation

Install update from vendor's website.

References

• https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0942
• https://talosintelligence.com/vulnerability_reports/TALOS-2019-0958