Lucene search

[email protected]CVE-2013-3571

HistoryMay 08, 2014 - 2:29 p.m.

CVE-2013-3571

2014-05-0814:29:08

[email protected]

web.nvd.nist.gov

cve

socat

denial of service

file descriptor

remote attackers

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

JSON

socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions.

Affected configurations

NVD

Node

dest-unreachsocatMatch1.2.0.0

dest-unreachsocatMatch1.3.0.0

dest-unreachsocatMatch1.3.0.1

dest-unreachsocatMatch1.3.1.0

dest-unreachsocatMatch1.3.2.0

dest-unreachsocatMatch1.3.2.1

dest-unreachsocatMatch1.3.2.2

dest-unreachsocatMatch1.4.0.0

dest-unreachsocatMatch1.4.0.1

dest-unreachsocatMatch1.4.0.2

dest-unreachsocatMatch1.4.0.3

dest-unreachsocatMatch1.4.1.0

dest-unreachsocatMatch1.4.2.0

dest-unreachsocatMatch1.4.3.0

dest-unreachsocatMatch1.4.3.1

dest-unreachsocatMatch1.5.0.0

dest-unreachsocatMatch1.6.0.0

dest-unreachsocatMatch1.6.0.1

dest-unreachsocatMatch1.7.0.0

dest-unreachsocatMatch1.7.0.1

dest-unreachsocatMatch1.7.1.0

dest-unreachsocatMatch1.7.1.1

dest-unreachsocatMatch1.7.1.2

dest-unreachsocatMatch1.7.1.3

dest-unreachsocatMatch1.7.2.0

dest-unreachsocatMatch1.7.2.1

dest-unreachsocatMatch2.0.0b1

dest-unreachsocatMatch2.0.0b2

dest-unreachsocatMatch2.0.0b3

dest-unreachsocatMatch2.0.0b4

dest-unreachsocatMatch2.0.0b5

CPENameOperatorVersion
dest-unreach:socatdest-unreach socateq1.2.0.0
dest-unreach:socatdest-unreach socateq1.3.0.0
dest-unreach:socatdest-unreach socateq1.3.0.1
dest-unreach:socatdest-unreach socateq1.3.1.0
dest-unreach:socatdest-unreach socateq1.3.2.0
dest-unreach:socatdest-unreach socateq1.3.2.1
dest-unreach:socatdest-unreach socateq1.3.2.2
dest-unreach:socatdest-unreach socateq1.4.0.0
dest-unreach:socatdest-unreach socateq1.4.0.1
dest-unreach:socatdest-unreach socateq1.4.0.2

CPE	Name	Operator	Version
dest-unreach:socat	dest-unreach socat	eq	1.2.0.0
dest-unreach:socat	dest-unreach socat	eq	1.3.0.0
dest-unreach:socat	dest-unreach socat	eq	1.3.0.1
dest-unreach:socat	dest-unreach socat	eq	1.3.1.0
dest-unreach:socat	dest-unreach socat	eq	1.3.2.0
dest-unreach:socat	dest-unreach socat	eq	1.3.2.1
dest-unreach:socat	dest-unreach socat	eq	1.3.2.2
dest-unreach:socat	dest-unreach socat	eq	1.4.0.0
dest-unreach:socat	dest-unreach socat	eq	1.4.0.1
dest-unreach:socat	dest-unreach socat	eq	1.4.0.2