Download
| Alert*
|
oval:org.secpod.oval:def:104981
Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device , a socket , an SSL socket, proxy CONNECT connection, a file descriptor , the GNU line editor , a program, or a combination of two of these. The compat-read ... oval:org.secpod.oval:def:104991 Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device , a socket , an SSL socket, proxy CONNECT connection, a file descriptor , the GNU line editor , a program, or a combination of two of these. The compat-read ... oval:org.secpod.oval:def:1600304 socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service via multiple request that are refused based on the sourceport, lowport, range, or tcpwrap restrictions. oval:org.secpod.oval:def:89045142 This update for socat fixes the following issues: - CVE-2013-3571: Fix a file descriptor leak that could have been misused for a denial of service attack against socat running in server mode - CVE-2014-0019: PROXY-CONNECT address was vulnerable to a stack buffer overflow - Fix a stack overflow in ... oval:org.secpod.oval:def:1300198 Multiple vulnerabilities has been discovered and corrected in socat: A heap based buffer overflow vulnerability has been found with data that happens to be output on the READLINE address. Successful exploitation may allow an attacker to execute arbitrary code with the privileges of the socat process ... oval:org.secpod.oval:def:1802073 Overview Under certain circumstances an FD leak occurs and can be misused for denial of service attacks against socat running in server mode.added Normal tag:security type:bug + 1 deleted label |
