Lucene search

RedhatCVE-2014-0019

HistoryFeb 04, 2014 - 9:55 p.m.

CVE-2014-0019

2014-02-0421:55:05

CWE-119

redhat

web.nvd.nist.gov

cve

2014

buffer overflow

socat

denial of service

segmentation fault

nvd

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.

Affected configurations

Nvd

Node

dest-unreachsocatMatch2.0.0b1

dest-unreachsocatMatch2.0.0b2

dest-unreachsocatMatch2.0.0b3

dest-unreachsocatMatch2.0.0b4

dest-unreachsocatMatch2.0.0b5

dest-unreachsocatMatch2.0.0b6

Node

fedoraprojectfedoraMatch19

fedoraprojectfedoraMatch20

Node

opensuseopensuseMatch13.1

Node

dest-unreachsocatMatch1.3.0.0

dest-unreachsocatMatch1.3.0.1

dest-unreachsocatMatch1.3.1.0

dest-unreachsocatMatch1.3.2.0

dest-unreachsocatMatch1.3.2.1

dest-unreachsocatMatch1.3.2.2

dest-unreachsocatMatch1.4.0.0

dest-unreachsocatMatch1.4.0.1

dest-unreachsocatMatch1.4.0.2

dest-unreachsocatMatch1.4.0.3

dest-unreachsocatMatch1.4.1.0

dest-unreachsocatMatch1.4.2.0

dest-unreachsocatMatch1.4.3.0

dest-unreachsocatMatch1.4.3.1

dest-unreachsocatMatch1.5.0.0

dest-unreachsocatMatch1.6.0.0

dest-unreachsocatMatch1.6.0.1

dest-unreachsocatMatch1.7.0.0

dest-unreachsocatMatch1.7.0.1

dest-unreachsocatMatch1.7.1.0

dest-unreachsocatMatch1.7.1.1

dest-unreachsocatMatch1.7.1.2

dest-unreachsocatMatch1.7.1.3

dest-unreachsocatMatch1.7.2.0

dest-unreachsocatMatch1.7.2.1

dest-unreachsocatMatch1.7.2.2

VendorProductVersionCPE
dest-unreachsocat2.0.0cpe:2.3:a:dest-unreach:socat:2.0.0:b1:*:*:*:*:*:*
dest-unreachsocat2.0.0cpe:2.3:a:dest-unreach:socat:2.0.0:b2:*:*:*:*:*:*
dest-unreachsocat2.0.0cpe:2.3:a:dest-unreach:socat:2.0.0:b3:*:*:*:*:*:*
dest-unreachsocat2.0.0cpe:2.3:a:dest-unreach:socat:2.0.0:b4:*:*:*:*:*:*
dest-unreachsocat2.0.0cpe:2.3:a:dest-unreach:socat:2.0.0:b5:*:*:*:*:*:*
dest-unreachsocat2.0.0cpe:2.3:a:dest-unreach:socat:2.0.0:b6:*:*:*:*:*:*
fedoraprojectfedora19cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
fedoraprojectfedora20cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
opensuseopensuse13.1cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
dest-unreachsocat1.3.0.0cpe:2.3:a:dest-unreach:socat:1.3.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dest-unreach	socat	2.0.0	cpe:2.3:a:dest-unreach:socat:2.0.0:b1::::::
dest-unreach	socat	2.0.0	cpe:2.3:a:dest-unreach:socat:2.0.0:b2::::::
dest-unreach	socat	2.0.0	cpe:2.3:a:dest-unreach:socat:2.0.0:b3::::::
dest-unreach	socat	2.0.0	cpe:2.3:a:dest-unreach:socat:2.0.0:b4::::::
dest-unreach	socat	2.0.0	cpe:2.3:a:dest-unreach:socat:2.0.0:b5::::::
dest-unreach	socat	2.0.0	cpe:2.3:a:dest-unreach:socat:2.0.0:b6::::::
fedoraproject	fedora	19	cpe:2.3:o:fedoraproject:fedora:19:::::::*
fedoraproject	fedora	20	cpe:2.3:o:fedoraproject:fedora:20:::::::*
opensuse	opensuse	13.1	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
dest-unreach	socat	1.3.0.0	cpe:2.3:a:dest-unreach:socat:1.3.0.0:::::::*