{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-34451", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-04-15T19:15:22.602Z", "datePublished": "2025-12-18T21:16:18.730Z", "dateUpdated": "2025-12-20T13:33:26.831Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "proxychains-ng", "packageURL": "pkg:github/rofl0r/proxychains-ng", "product": "proxychains-ng", "repo": "https://github.com/rofl0r/proxychains-ng", "vendor": "rofl0r", "versions": [{"lessThanOrEqual": "4.17", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "commit cc005b7", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Vlatko Kosturjak with Marlink Cyber"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations."}], "value": "rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-12-20T13:33:26.831Z"}, "references": [{"tags": ["technical-description", "exploit"], "url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.md"}, {"tags": ["issue-tracking"], "url": "https://github.com/rofl0r/proxychains-ng/issues/606"}, {"tags": ["patch"], "url": "https://github.com/httpsgithu/proxychains-ng/commit/cc005b7"}, {"tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/rofl0r-proxychains-ng-stack-based-buffer-overflow"}], "source": {"discovery": "UNKNOWN"}, "title": "rofl0r/proxychains-ng <= 4.17 Stack-based Buffer Overflow", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"references": [{"url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.md", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-18T21:37:50.277828Z", "id": "CVE-2025-34451", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-18T21:38:07.266Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-34451", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-18T21:37:50.277828Z"}}}], "references": [{"url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.md", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-18T21:38:01.915Z"}}], "cna": {"title": "rofl0r/proxychains-ng <= 4.17 Stack-based Buffer Overflow", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Vlatko Kosturjak with Marlink Cyber"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/rofl0r/proxychains-ng", "vendor": "rofl0r", "product": "proxychains-ng", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "4.17"}, {"status": "unaffected", "version": "commit cc005b7", "versionType": "custom"}], "packageURL": "pkg:github/rofl0r/proxychains-ng", "packageName": "proxychains-ng", "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.md", "tags": ["technical-description", "exploit"]}, {"url": "https://github.com/rofl0r/proxychains-ng/issues/606", "tags": ["issue-tracking"]}, {"url": "https://github.com/httpsgithu/proxychains-ng/commit/cc005b7", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/rofl0r-proxychains-ng-stack-based-buffer-overflow", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations.", "supportingMedia": [{"type": "text/html", "value": "rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-12-20T13:33:26.831Z"}}}, "cveMetadata": {"cveId": "CVE-2025-34451", "state": "PUBLISHED", "dateUpdated": "2025-12-20T13:33:26.831Z", "dateReserved": "2025-04-15T19:15:22.602Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-12-18T21:16:18.730Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proxychains-ng_project:proxychains-ng:*:*:*:*:*:*:*:*", "matchCriteriaId": "E20D56E5-23B5-4918-8D21-C5AE4811B6E1", "versionEndIncluding": "4.17", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations."}], "id": "CVE-2025-34451", "lastModified": "2025-12-31T17:45:49.977", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2025-12-18T22:15:56.320", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Patch"], "url": "https://github.com/httpsgithu/proxychains-ng/commit/cc005b7"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.md"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/rofl0r/proxychains-ng/issues/606"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/rofl0r-proxychains-ng-stack-based-buffer-overflow"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.md"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "proxychains-ng: proxychains-ng: Denial of Service due to stack-based buffer overflow via crafted proxy configuration", "id": "2423732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423732"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-121", "details": ["A flaw was found in proxychains-ng. An attacker can exploit a stack-based buffer overflow vulnerability in the proxy_from_string() function by providing crafted proxy configuration entries containing overly long username or password fields. This can lead to memory corruption or application crashes, resulting in a Denial of Service (DoS). Under specific conditions, this vulnerability could potentially be leveraged for further exploitation."], "mitigation": {"lang": "en:us", "value": "Ensure that proxychains-ng configuration files are sourced only from trusted origins and are protected from unauthorized modification. If proxychains-ng is not essential for system operation, consider removing the package to eliminate the attack surface."}, "name": "CVE-2025-34451", "public_date": "2025-12-18T21:16:18Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-34451\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-34451\nhttps://github.com/httpsgithu/proxychains-ng/commit/cc005b7\nhttps://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.md\nhttps://github.com/rofl0r/proxychains-ng/issues/606\nhttps://www.vulncheck.com/advisories/rofl0r-proxychains-ng-stack-based-buffer-overflow"], "statement": "This vulnerability is rated Moderate for Red Hat as it can lead to a Denial of Service in proxychains-ng when processing crafted proxy configuration entries with overly long username or password fields. This component is available in Red Hat Community Projects (EPEL and Fedora) and requires an attacker to provide a malicious configuration file. Exploitation requires user interaction with a malicious configuration or a compromised configuration source.", "threat_severity": "Moderate"}

{}