Computer Security
[EN] securityvulns.ru no-pyccku


socat security vulnerabilities
Published:04.06.2013
Source:
SecurityVulns ID:13104
Type:local
Threat Level:
5/10
Description:Buffer overflow, file descriptor leakage.
CVE:CVE-2013-3571 (socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions.)
 CVE-2012-0219 (Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address.)
Original documentdocumentMANDRIVA, [ MDVSA-2013:169 ] socat (04.06.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod