Search
Find a vulnerability
Search criteria
16 vulnerabilities by dest-unreach
CVE-2026-56123 (GCVE-0-2026-56123)
Vulnerability from nvd – Published: 2026-06-25 15:43 – Updated: 2026-06-26 02:03 X_Open Source
VLAI
Title
socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser
Summary
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read through a signed char field causing a negative bytes_to_read value that is implicitly converted to size_t, resulting in an unbounded heap write into the 262-byte reply buffer with attacker-controlled size and content.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.dest-unreach.org/socat/CHANGES | release-notespatch |
| https://www.vulncheck.com/advisories/socat-heap-b… | third-party-advisory |
Impacted products
Date Public
2026-06-25 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-26T02:03:26.743703Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T02:03:38.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "socat",
"repo": "https://repo.or.cz/socat.git",
"vendor": "socat",
"versions": [
{
"lessThan": "1.8.1.2",
"status": "affected",
"version": "1.8.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tristan Madani (@TristanInSec)"
}
],
"datePublic": "2026-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read through a signed char field causing a negative bytes_to_read value that is implicitly converted to size_t, resulting in an unbounded heap write into the 262-byte reply buffer with attacker-controlled size and content."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T15:43:19.580Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"release-notes",
"patch"
],
"url": "http://www.dest-unreach.org/socat/CHANGES"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/socat-heap-buffer-overflow-via-socks5-reply-parser"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_open-source"
],
"title": "socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56123",
"datePublished": "2026-06-25T15:43:19.580Z",
"dateReserved": "2026-06-18T19:15:10.651Z",
"dateUpdated": "2026-06-26T02:03:38.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-54661 (GCVE-0-2024-54661)
Vulnerability from nvd – Published: 2024-12-04 00:00 – Updated: 2025-01-09 16:30
VLAI
Summary
readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
- CWE-noinfo Not enough information
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| dest-unreach | socat |
Affected:
1.6.0.0 , < 1.8.0.2
(custom)
Affected: 2.0.0-b1 , ≤ 2.0.0-b9 (custom) |
|
| dest-unreach | socat |
Affected:
0 , ≤ 1.8.0.1
(custom)
cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "socat",
"vendor": "dest-unreach",
"versions": [
{
"lessThanOrEqual": "1.8.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-54661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:54:07.899241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T16:30:38.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "socat",
"vendor": "dest-unreach",
"versions": [
{
"lessThan": "1.8.0.2",
"status": "affected",
"version": "1.6.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.0.0-b9",
"status": "affected",
"version": "2.0.0-b1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.0.2",
"versionStartIncluding": "1.6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.0-b9",
"versionStartIncluding": "2.0.0-b1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T01:00:11.506Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://repo.or.cz/socat.git/blob/6ff391324d2d3b9f6bfb58e7d16a20be43b47af7:/readline.sh#l29"
},
{
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv9.html"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-54661",
"datePublished": "2024-12-04T00:00:00.000Z",
"dateReserved": "2024-12-04T00:00:00.000Z",
"dateUpdated": "2025-01-09T16:30:38.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1379 (GCVE-0-2015-1379)
Vulnerability from nvd – Published: 2017-06-08 21:00 – Updated: 2024-08-06 04:40
VLAI
Summary
The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.dest-unreach.org/socat/ | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2015/04/06/4 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/72321 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2015/0… | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=1185711 | x_refsource_CONFIRM |
Date Public
2015-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/"
},
{
"name": "[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/04/06/4"
},
{
"name": "72321",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72321"
},
{
"name": "[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-08T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/"
},
{
"name": "[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/04/06/4"
},
{
"name": "72321",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72321"
},
{
"name": "[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.dest-unreach.org/socat/",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/"
},
{
"name": "[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/06/4"
},
{
"name": "72321",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72321"
},
{
"name": "[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/19"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1379",
"datePublished": "2017-06-08T21:00:00.000Z",
"dateReserved": "2015-01-27T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:40:18.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2217 (GCVE-0-2016-2217)
Vulnerability from nvd – Published: 2017-01-30 22:00 – Updated: 2024-08-05 23:24
VLAI
Summary
The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://security.gentoo.org/glsa/201612-23 | vendor-advisoryx_refsource_GENTOO |
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2016/02/04/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2016/02/01/4 | mailing-listx_refsource_MLIST |
Date Public
2016-02-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201612-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-23"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"
},
{
"name": "[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"
},
{
"name": "[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201612-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-23"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"
},
{
"name": "[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"
},
{
"name": "[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201612-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-23"
},
{
"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"
},
{
"name": "[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"
},
{
"name": "[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2217",
"datePublished": "2017-01-30T22:00:00.000Z",
"dateReserved": "2016-02-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:24:48.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3571 (GCVE-0-2013-3571)
Vulnerability from nvd – Published: 2014-05-08 14:00 – Updated: 2024-08-06 16:14
VLAI
Summary
socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.openwall.com/lists/oss-security/2013/05/26/1 | mailing-listx_refsource_MLIST |
Date Public
2013-05-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv4.html"
},
{
"name": "MDVSA-2013:169",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "[oss-security] 20130526 socat security advisory 4 - CVE-2013-3571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/26/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T12:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv4.html"
},
{
"name": "MDVSA-2013:169",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "[oss-security] 20130526 socat security advisory 4 - CVE-2013-3571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/26/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv4.html",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv4.html"
},
{
"name": "MDVSA-2013:169",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "[oss-security] 20130526 socat security advisory 4 - CVE-2013-3571",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/26/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3571",
"datePublished": "2014-05-08T14:00:00.000Z",
"dateReserved": "2013-05-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:14:56.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0019 (GCVE-0-2014-0019)
Vulnerability from nvd – Published: 2014-02-04 16:00 – Updated: 2024-08-06 08:58
VLAI
Summary
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.securityfocus.com/bid/65201 | vdb-entryx_refsource_BID |
| http://osvdb.org/102612 | vdb-entryx_refsource_OSVDB |
| http://seclists.org/oss-sec/2014/q1/159 | mailing-listx_refsource_MLIST |
| http://www.dest-unreach.org/socat | x_refsource_CONFIRM |
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_MISC |
| http://lists.opensuse.org/opensuse-updates/2015-0… | vendor-advisoryx_refsource_SUSE |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
Date Public
2014-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:58:26.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2014-1795",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128229.html"
},
{
"name": "MDVSA-2014:033",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:033"
},
{
"name": "65201",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65201"
},
{
"name": "102612",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102612"
},
{
"name": "[oss-security] 20140128 Socat security advisory 5 - PROXY-CONNECT address overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q1/159"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt"
},
{
"name": "openSUSE-SU-2015:0760",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00043.html"
},
{
"name": "FEDORA-2014-1811",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128190.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-30T14:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2014-1795",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128229.html"
},
{
"name": "MDVSA-2014:033",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:033"
},
{
"name": "65201",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65201"
},
{
"name": "102612",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102612"
},
{
"name": "[oss-security] 20140128 Socat security advisory 5 - PROXY-CONNECT address overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q1/159"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt"
},
{
"name": "openSUSE-SU-2015:0760",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00043.html"
},
{
"name": "FEDORA-2014-1811",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128190.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2014-1795",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128229.html"
},
{
"name": "MDVSA-2014:033",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:033"
},
{
"name": "65201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65201"
},
{
"name": "102612",
"refsource": "OSVDB",
"url": "http://osvdb.org/102612"
},
{
"name": "[oss-security] 20140128 Socat security advisory 5 - PROXY-CONNECT address overflow",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/159"
},
{
"name": "http://www.dest-unreach.org/socat",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat"
},
{
"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt",
"refsource": "MISC",
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt"
},
{
"name": "openSUSE-SU-2015:0760",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00043.html"
},
{
"name": "FEDORA-2014-1811",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128190.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0019",
"datePublished": "2014-02-04T16:00:00.000Z",
"dateReserved": "2013-12-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:58:26.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0219 (GCVE-0-2012-0219)
Vulnerability from nvd – Published: 2012-06-21 15:00 – Updated: 2024-08-06 18:16
VLAI
Summary
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/49746 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securitytracker.com/id?1027064 | vdb-entryx_refsource_SECTRACK |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://security.gentoo.org/glsa/glsa-201208-01.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.lwn.net/Articles/504742/ | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/53510 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.osvdb.org/81969 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/49105 | third-party-advisoryx_refsource_SECUNIA |
| http://www.openwall.com/lists/oss-security/2012/05/14/2 | mailing-listx_refsource_MLIST |
Date Public
2012-05-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:19.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49746"
},
{
"name": "1027064",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027064"
},
{
"name": "FEDORA-2012-8328",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081882.html"
},
{
"name": "GLSA-201208-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201208-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv3.html"
},
{
"name": "FEDORA-2012-8274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081619.html"
},
{
"name": "openSUSE-SU-2012:0809",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.lwn.net/Articles/504742/"
},
{
"name": "53510",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53510"
},
{
"name": "MDVSA-2013:169",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "81969",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/81969"
},
{
"name": "49105",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49105"
},
{
"name": "[oss-security] 20120514 socat security advisory",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/14/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T12:57:00.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "49746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49746"
},
{
"name": "1027064",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027064"
},
{
"name": "FEDORA-2012-8328",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081882.html"
},
{
"name": "GLSA-201208-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201208-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv3.html"
},
{
"name": "FEDORA-2012-8274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081619.html"
},
{
"name": "openSUSE-SU-2012:0809",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.lwn.net/Articles/504742/"
},
{
"name": "53510",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53510"
},
{
"name": "MDVSA-2013:169",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "81969",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/81969"
},
{
"name": "49105",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49105"
},
{
"name": "[oss-security] 20120514 socat security advisory",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/14/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2012-0219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49746"
},
{
"name": "1027064",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027064"
},
{
"name": "FEDORA-2012-8328",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081882.html"
},
{
"name": "GLSA-201208-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201208-01.xml"
},
{
"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv3.html",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv3.html"
},
{
"name": "FEDORA-2012-8274",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081619.html"
},
{
"name": "openSUSE-SU-2012:0809",
"refsource": "SUSE",
"url": "http://www.lwn.net/Articles/504742/"
},
{
"name": "53510",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53510"
},
{
"name": "MDVSA-2013:169",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "81969",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81969"
},
{
"name": "49105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49105"
},
{
"name": "[oss-security] 20120514 socat security advisory",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/14/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2012-0219",
"datePublished": "2012-06-21T15:00:00.000Z",
"dateReserved": "2011-12-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:16:19.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2799 (GCVE-0-2010-2799)
Vulnerability from nvd – Published: 2010-09-14 20:03 – Updated: 2024-09-25 22:46
VLAI
Summary
Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=620426 | x_refsource_CONFIRM |
| http://www.dest-unreach.org/socat/download/socat-… | x_refsource_CONFIRM |
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_CONFIRM |
| http://bugs.gentoo.org/show_bug.cgi?id=330785 | x_refsource_CONFIRM |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443 | x_refsource_CONFIRM |
| http://www.debian.org/security/2010/dsa-2090 | vendor-advisoryx_refsource_DEBIAN |
| https://github.com/msmania/poodim/commit/6340d5d2… |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-09-25T22:46:51.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://github.com/msmania/poodim/commit/6340d5d2c81e55e61522c4b40a6cdd5c39738cc6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=620426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/download/socat-1.7.1.3.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443"
},
{
"name": "DSA-2090",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2090"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-14T20:03:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=620426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/download/socat-1.7.1.3.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443"
},
{
"name": "DSA-2090",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2090"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2799",
"datePublished": "2010-09-14T20:03:00.000Z",
"dateReserved": "2010-07-22T00:00:00.000Z",
"dateUpdated": "2024-09-25T22:46:51.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-56123 (GCVE-0-2026-56123)
Vulnerability from cvelistv5 – Published: 2026-06-25 15:43 – Updated: 2026-06-26 02:03 X_Open Source
VLAI
Title
socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser
Summary
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read through a signed char field causing a negative bytes_to_read value that is implicitly converted to size_t, resulting in an unbounded heap write into the 262-byte reply buffer with attacker-controlled size and content.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.dest-unreach.org/socat/CHANGES | release-notespatch |
| https://www.vulncheck.com/advisories/socat-heap-b… | third-party-advisory |
Impacted products
Date Public
2026-06-25 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-26T02:03:26.743703Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T02:03:38.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "socat",
"repo": "https://repo.or.cz/socat.git",
"vendor": "socat",
"versions": [
{
"lessThan": "1.8.1.2",
"status": "affected",
"version": "1.8.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tristan Madani (@TristanInSec)"
}
],
"datePublic": "2026-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read through a signed char field causing a negative bytes_to_read value that is implicitly converted to size_t, resulting in an unbounded heap write into the 262-byte reply buffer with attacker-controlled size and content."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T15:43:19.580Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"release-notes",
"patch"
],
"url": "http://www.dest-unreach.org/socat/CHANGES"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/socat-heap-buffer-overflow-via-socks5-reply-parser"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_open-source"
],
"title": "socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56123",
"datePublished": "2026-06-25T15:43:19.580Z",
"dateReserved": "2026-06-18T19:15:10.651Z",
"dateUpdated": "2026-06-26T02:03:38.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-54661 (GCVE-0-2024-54661)
Vulnerability from cvelistv5 – Published: 2024-12-04 00:00 – Updated: 2025-01-09 16:30
VLAI
Summary
readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
- CWE-noinfo Not enough information
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| dest-unreach | socat |
Affected:
1.6.0.0 , < 1.8.0.2
(custom)
Affected: 2.0.0-b1 , ≤ 2.0.0-b9 (custom) |
|
| dest-unreach | socat |
Affected:
0 , ≤ 1.8.0.1
(custom)
cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "socat",
"vendor": "dest-unreach",
"versions": [
{
"lessThanOrEqual": "1.8.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-54661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:54:07.899241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T16:30:38.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "socat",
"vendor": "dest-unreach",
"versions": [
{
"lessThan": "1.8.0.2",
"status": "affected",
"version": "1.6.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.0.0-b9",
"status": "affected",
"version": "2.0.0-b1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.0.2",
"versionStartIncluding": "1.6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.0-b9",
"versionStartIncluding": "2.0.0-b1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T01:00:11.506Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://repo.or.cz/socat.git/blob/6ff391324d2d3b9f6bfb58e7d16a20be43b47af7:/readline.sh#l29"
},
{
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv9.html"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-54661",
"datePublished": "2024-12-04T00:00:00.000Z",
"dateReserved": "2024-12-04T00:00:00.000Z",
"dateUpdated": "2025-01-09T16:30:38.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1379 (GCVE-0-2015-1379)
Vulnerability from cvelistv5 – Published: 2017-06-08 21:00 – Updated: 2024-08-06 04:40
VLAI
Summary
The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.dest-unreach.org/socat/ | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2015/04/06/4 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/72321 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2015/0… | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=1185711 | x_refsource_CONFIRM |
Date Public
2015-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/"
},
{
"name": "[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/04/06/4"
},
{
"name": "72321",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72321"
},
{
"name": "[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-08T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/"
},
{
"name": "[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/04/06/4"
},
{
"name": "72321",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72321"
},
{
"name": "[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.dest-unreach.org/socat/",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/"
},
{
"name": "[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/06/4"
},
{
"name": "72321",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72321"
},
{
"name": "[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/19"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185711"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1379",
"datePublished": "2017-06-08T21:00:00.000Z",
"dateReserved": "2015-01-27T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:40:18.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2217 (GCVE-0-2016-2217)
Vulnerability from cvelistv5 – Published: 2017-01-30 22:00 – Updated: 2024-08-05 23:24
VLAI
Summary
The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://security.gentoo.org/glsa/201612-23 | vendor-advisoryx_refsource_GENTOO |
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2016/02/04/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2016/02/01/4 | mailing-listx_refsource_MLIST |
Date Public
2016-02-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201612-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-23"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"
},
{
"name": "[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"
},
{
"name": "[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201612-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-23"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"
},
{
"name": "[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"
},
{
"name": "[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201612-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-23"
},
{
"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"
},
{
"name": "[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"
},
{
"name": "[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2217",
"datePublished": "2017-01-30T22:00:00.000Z",
"dateReserved": "2016-02-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:24:48.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3571 (GCVE-0-2013-3571)
Vulnerability from cvelistv5 – Published: 2014-05-08 14:00 – Updated: 2024-08-06 16:14
VLAI
Summary
socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_CONFIRM |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.openwall.com/lists/oss-security/2013/05/26/1 | mailing-listx_refsource_MLIST |
Date Public
2013-05-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv4.html"
},
{
"name": "MDVSA-2013:169",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "[oss-security] 20130526 socat security advisory 4 - CVE-2013-3571",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/26/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T12:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv4.html"
},
{
"name": "MDVSA-2013:169",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "[oss-security] 20130526 socat security advisory 4 - CVE-2013-3571",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/26/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv4.html",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv4.html"
},
{
"name": "MDVSA-2013:169",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "[oss-security] 20130526 socat security advisory 4 - CVE-2013-3571",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/26/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3571",
"datePublished": "2014-05-08T14:00:00.000Z",
"dateReserved": "2013-05-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:14:56.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0019 (GCVE-0-2014-0019)
Vulnerability from cvelistv5 – Published: 2014-02-04 16:00 – Updated: 2024-08-06 08:58
VLAI
Summary
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.securityfocus.com/bid/65201 | vdb-entryx_refsource_BID |
| http://osvdb.org/102612 | vdb-entryx_refsource_OSVDB |
| http://seclists.org/oss-sec/2014/q1/159 | mailing-listx_refsource_MLIST |
| http://www.dest-unreach.org/socat | x_refsource_CONFIRM |
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_MISC |
| http://lists.opensuse.org/opensuse-updates/2015-0… | vendor-advisoryx_refsource_SUSE |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
Date Public
2014-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:58:26.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2014-1795",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128229.html"
},
{
"name": "MDVSA-2014:033",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:033"
},
{
"name": "65201",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65201"
},
{
"name": "102612",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102612"
},
{
"name": "[oss-security] 20140128 Socat security advisory 5 - PROXY-CONNECT address overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q1/159"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt"
},
{
"name": "openSUSE-SU-2015:0760",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00043.html"
},
{
"name": "FEDORA-2014-1811",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128190.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-30T14:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2014-1795",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128229.html"
},
{
"name": "MDVSA-2014:033",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:033"
},
{
"name": "65201",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65201"
},
{
"name": "102612",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102612"
},
{
"name": "[oss-security] 20140128 Socat security advisory 5 - PROXY-CONNECT address overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q1/159"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt"
},
{
"name": "openSUSE-SU-2015:0760",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00043.html"
},
{
"name": "FEDORA-2014-1811",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128190.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2014-1795",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128229.html"
},
{
"name": "MDVSA-2014:033",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:033"
},
{
"name": "65201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65201"
},
{
"name": "102612",
"refsource": "OSVDB",
"url": "http://osvdb.org/102612"
},
{
"name": "[oss-security] 20140128 Socat security advisory 5 - PROXY-CONNECT address overflow",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/159"
},
{
"name": "http://www.dest-unreach.org/socat",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat"
},
{
"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt",
"refsource": "MISC",
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt"
},
{
"name": "openSUSE-SU-2015:0760",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00043.html"
},
{
"name": "FEDORA-2014-1811",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128190.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0019",
"datePublished": "2014-02-04T16:00:00.000Z",
"dateReserved": "2013-12-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:58:26.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0219 (GCVE-0-2012-0219)
Vulnerability from cvelistv5 – Published: 2012-06-21 15:00 – Updated: 2024-08-06 18:16
VLAI
Summary
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/49746 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securitytracker.com/id?1027064 | vdb-entryx_refsource_SECTRACK |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://security.gentoo.org/glsa/glsa-201208-01.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.lwn.net/Articles/504742/ | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/53510 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.osvdb.org/81969 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/49105 | third-party-advisoryx_refsource_SECUNIA |
| http://www.openwall.com/lists/oss-security/2012/05/14/2 | mailing-listx_refsource_MLIST |
Date Public
2012-05-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:19.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49746"
},
{
"name": "1027064",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027064"
},
{
"name": "FEDORA-2012-8328",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081882.html"
},
{
"name": "GLSA-201208-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201208-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv3.html"
},
{
"name": "FEDORA-2012-8274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081619.html"
},
{
"name": "openSUSE-SU-2012:0809",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.lwn.net/Articles/504742/"
},
{
"name": "53510",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53510"
},
{
"name": "MDVSA-2013:169",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "81969",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/81969"
},
{
"name": "49105",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49105"
},
{
"name": "[oss-security] 20120514 socat security advisory",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/14/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T12:57:00.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "49746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49746"
},
{
"name": "1027064",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027064"
},
{
"name": "FEDORA-2012-8328",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081882.html"
},
{
"name": "GLSA-201208-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201208-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv3.html"
},
{
"name": "FEDORA-2012-8274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081619.html"
},
{
"name": "openSUSE-SU-2012:0809",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.lwn.net/Articles/504742/"
},
{
"name": "53510",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53510"
},
{
"name": "MDVSA-2013:169",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "81969",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/81969"
},
{
"name": "49105",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49105"
},
{
"name": "[oss-security] 20120514 socat security advisory",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/14/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2012-0219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49746"
},
{
"name": "1027064",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027064"
},
{
"name": "FEDORA-2012-8328",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081882.html"
},
{
"name": "GLSA-201208-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201208-01.xml"
},
{
"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv3.html",
"refsource": "CONFIRM",
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv3.html"
},
{
"name": "FEDORA-2012-8274",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081619.html"
},
{
"name": "openSUSE-SU-2012:0809",
"refsource": "SUSE",
"url": "http://www.lwn.net/Articles/504742/"
},
{
"name": "53510",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53510"
},
{
"name": "MDVSA-2013:169",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:169"
},
{
"name": "81969",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81969"
},
{
"name": "49105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49105"
},
{
"name": "[oss-security] 20120514 socat security advisory",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/14/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2012-0219",
"datePublished": "2012-06-21T15:00:00.000Z",
"dateReserved": "2011-12-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:16:19.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2799 (GCVE-0-2010-2799)
Vulnerability from cvelistv5 – Published: 2010-09-14 20:03 – Updated: 2024-09-25 22:46
VLAI
Summary
Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=620426 | x_refsource_CONFIRM |
| http://www.dest-unreach.org/socat/download/socat-… | x_refsource_CONFIRM |
| http://www.dest-unreach.org/socat/contrib/socat-s… | x_refsource_CONFIRM |
| http://bugs.gentoo.org/show_bug.cgi?id=330785 | x_refsource_CONFIRM |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443 | x_refsource_CONFIRM |
| http://www.debian.org/security/2010/dsa-2090 | vendor-advisoryx_refsource_DEBIAN |
| https://github.com/msmania/poodim/commit/6340d5d2… |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-09-25T22:46:51.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://github.com/msmania/poodim/commit/6340d5d2c81e55e61522c4b40a6cdd5c39738cc6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=620426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/download/socat-1.7.1.3.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443"
},
{
"name": "DSA-2090",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2090"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-14T20:03:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=620426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/download/socat-1.7.1.3.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443"
},
{
"name": "DSA-2090",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2090"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2799",
"datePublished": "2010-09-14T20:03:00.000Z",
"dateReserved": "2010-07-22T00:00:00.000Z",
"dateUpdated": "2024-09-25T22:46:51.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}