Telegram Group & Telegram Channel
Telegram Group » Hong Kong » V2Fly - Notification and Updates, V2Ray the second new » Telegram Webview » Post 89
V2Fly - Notification and Updates, V2Ray the second new
v4.45.2 v5.0.7 is released. (Security Release)
This release includes security enhancement for all users.

## !!! Important SECURITY enhancement !!!
* Fix DoS attack vulnerability in VMess Option Processing. (Thanks @nekohasekai )

## Security Advisory
This update fixes a DoS vulnerability in V2Ray. This vulnerability allows a VMess Client with authentication information controlled by an attacker to crash a VMess Server by sending a specially crafted VMess handshake message with an invalid option or encryption type. This vulnerability does NOT allow the attacker to retrieve any information(other than it used an unpatched version of the software) and does NOT allow an attacker to control the unpatched software or system. It is strongly recommended for all users to apply this security update at the earliest possible opportunity. We would like to thank @nekohasekai for the discovery of this vulnerability.

此更新修复了在 V2Ray 中的一个拒绝服务攻击漏洞。这个漏洞允许攻击者控制的拥有认证信息的 VMess 客户端迫使 VMess 服务器端崩溃。这个漏洞可以通过在 VMess 握手阶段由客户端发送一个恶意的数据包被触发,触发漏洞数据包拥有无效的选项或加密方式。 攻击者 无法 通过这个漏洞获取任何信息(除客户端尚未应用此安全更新以外),也 不会 允许攻击者控制客户端软件或系统。强烈推荐所有用户在第一时间应用本安全更新。我们在此感谢 @nekohasekai 发现此漏洞。

Edit: Fixed a typo. Last version of this document withdrawn.
GitHub
Release v4.45.2 · v2fly/v2ray-core
This release includes security enhancement for all users.
!!! Important SECURITY enhancement !!!

Fix DoS attack vulnerability in VMess Option Processing. (Thanks @nekohasekai )

Security Advisory
...
www.tg-me.com/hk/V2Fly Notification and Updates V2Ray the second new/com.v2fly/89
22.3K viewsShelikhoo [aka Shell] 0x7791BDB0709ABD21, edited  



tg-me.com/v2fly/89
Create:
Last Update:

v4.45.2 v5.0.7 is released. (Security Release)
This release includes security enhancement for all users.

## !!! Important SECURITY enhancement !!!
* Fix DoS attack vulnerability in VMess Option Processing. (Thanks @nekohasekai )

## Security Advisory
This update fixes a DoS vulnerability in V2Ray. This vulnerability allows a VMess Client with authentication information controlled by an attacker to crash a VMess Server by sending a specially crafted VMess handshake message with an invalid option or encryption type. This vulnerability does NOT allow the attacker to retrieve any information(other than it used an unpatched version of the software) and does NOT allow an attacker to control the unpatched software or system. It is strongly recommended for all users to apply this security update at the earliest possible opportunity. We would like to thank @nekohasekai for the discovery of this vulnerability.

此更新修复了在 V2Ray 中的一个拒绝服务攻击漏洞。这个漏洞允许攻击者控制的拥有认证信息的 VMess 客户端迫使 VMess 服务器端崩溃。这个漏洞可以通过在 VMess 握手阶段由客户端发送一个恶意的数据包被触发,触发漏洞数据包拥有无效的选项或加密方式。 攻击者 无法 通过这个漏洞获取任何信息(除客户端尚未应用此安全更新以外),也 不会 允许攻击者控制客户端软件或系统。强烈推荐所有用户在第一时间应用本安全更新。我们在此感谢 @nekohasekai 发现此漏洞。

Edit: Fixed a typo. Last version of this document withdrawn.

BY V2Fly - Notification and Updates, V2Ray the second new




Share with your friend now:
tg-me.com/v2fly/89

View MORE
Open in Telegram


V2Fly Notification and Updates V2Ray the second new Telegram | DID YOU KNOW?

Date: |

Dump Scam in Leaked Telegram Chat

A leaked Telegram discussion by 50 so-called crypto influencers has exposed the extraordinary steps they take in order to profit on the back off unsuspecting defi investors. According to a leaked screenshot of the chat, an elaborate plan to defraud defi investors using the worthless “$Few” tokens had been hatched. $Few tokens would be airdropped to some of the influencers who in turn promoted these to unsuspecting followers on Twitter.

Start with a fresh view of investing strategy. The combination of risks and fads this quarter looks to be topping. That means the future is ready to move in.Likely, there will not be a wholesale shift. Company actions will aim to benefit from economic growth, inflationary pressures and a return of market-determined interest rates. In turn, all of that should drive the stock market and investment returns higher.

V2Fly Notification and Updates V2Ray the second new from hk


v4.45.2 v5.0.7 is released. (Security Release)This release includes security enhancement for all users.## !!! Important SECURITY enhancement !!!* Fix DoS attack vulnerability in VMess Option Processing. (Thanks @nekohasekai )## Security AdvisoryThis update fixes a DoS vulnerability in V2Ray. This vulnerability allows a VMess Client with authentication information controlled by an attacker to crash a VMess Server by sending a specially crafted VMess handshake message with an invalid option or encryption type. This vulnerability does NOT allow the attacker to retrieve any information(other than it used an unpatched version of the software) and does NOT allow an attacker to control the unpatched software or system. It is strongly recommended for all users to apply this security update at the earliest possible opportunity. We would like to thank @nekohasekai for the discovery of this vulnerability.此更新修复了在 V2Ray 中的一个拒绝服务攻击漏洞。这个漏洞允许攻击者控制的拥有认证信息的 VMess 客户端迫使 VMess 服务器端崩溃。这个漏洞可以通过在 VMess 握手阶段由客户端发送一个恶意的数据包被触发,触发漏洞数据包拥有无效的选项或加密方式。 攻击者 无法 通过这个漏洞获取任何信息(除客户端尚未应用此安全更新以外),也 不会 允许攻击者控制客户端软件或系统。强烈推荐所有用户在第一时间应用本安全更新。我们在此感谢 @nekohasekai 发现此漏洞。Edit: Fixed a typo. Last version of this document withdrawn.

 V2Fly - Notification and Updates, V2Ray the second new TG
Webview: 89
V2Fly - Notification and Updates, V2Ray the second new.Telegram Webview
V2Fly - Notification and Updates, V2Ray the second new Telegram TG Channel
Telegram Updated:
Telegram V2Fly - Notification and Updates, V2Ray the second new
FROM USA