Lucene search
K

369 matches found

OSV
OSV
added 2026/06/29 12:0 a.m.2 views

OPENSUSE-SU-2026:11151-1 socat-1.8.1.3-1.1 on GA media

These are all security issues fixed in the socat-1.8.1.3-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS5.8AI score0.00308EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-56123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 5:17 p.m.3 views

DEBIAN-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 5:17 p.m.3 views

ALPINE-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 5:17 p.m.9 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS0.00308EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 5:17 p.m.2 views

UBUNTU-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 3:43 p.m.22 views

CVE-2026-56123

CVE-2026-56123 affects socat versions 1.8.0.0 through 1.8.1.1. A signed-char sign-extension bug in the DOMAINNAME reply parser during SOCKS5 handshake allows a negative bytes_to_read value to be implicitly converted to size_t, causing an unbounded heap write into a 262-byte reply buffer. This res...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 3:43 p.m.5 views

EUVD-2026-39455

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS6.2AI score0.00308EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:43 p.m.6 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS6.2AI score0.00308EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:43 p.m.36 views

CVE-2026-56123 socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS0.00308EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 3:43 p.m.5 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/25 3:43 p.m.7 views

CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References2
Metasploit
Metasploit
added 2026/06/18 7:1 p.m.174 views

OS Command Exec, Unix Command Shell, Bind TCP (via socat)

Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/bindsocattcp msf payloadbindsocattcp show actions ...actions... msf payloadbindsocattcp set ACTION msf payloadbindsocattcp show options ...show and set options... msf...

5.9AI score
Exploits0
Metasploit
Metasploit
added 2026/06/18 7:1 p.m.165 views

Unix Command Shell, Bind TCP (via socat)

Creates an interactive shell via socat Module Options msf use payload/cmd/unix/bindsocattcp msf payloadbindsocattcp show actions ...actions... msf payloadbindsocattcp set ACTION msf payloadbindsocattcp show options ...show and set options... msf payloadbindsocattcp run This module requires...

9.2CVSS5.9AI score0.24469EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Amazon Linux 2 : socat, --advisory ALAS2-2026-3303 (ALAS-2026-3303)

The version of socat installed on the remote host is prior to 1.7.3.2-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3303 advisory. readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. CVE-2024-54661 Tenable has extracted the preceding...

9.8CVSS5.8AI score0.008EPSS
Exploits0References4
Amazon
Amazon
added 2026/05/26 12:0 a.m.13 views

Low: socat

Issue Overview: readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. CVE-2024-54661 Affected Packages: socat Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

9.8CVSS6.8AI score0.008EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.9 views

Amazon Linux 2023 : socat (ALAS2023-2026-1701)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1701 advisory. readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. CVE-2024-54661 Tenable has extracted the preceding description block directly from the tested product security advisory. Note...

9.8CVSS6.8AI score0.008EPSS
Exploits0References4
Amazon
Amazon
added 2026/05/15 12:0 a.m.13 views

Low: socat

Issue Overview: readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. CVE-2024-54661 Affected Packages: socat Issue Correction: Run dnf update socat --releasever 2023.11.20260514 or dnf update --advisory ALAS2023-2026-1701 --releasever 2023.11.20260514 to update your system...

9.8CVSS6.8AI score0.008EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/09 12:0 a.m.6 views

Tracing the Chain: Deep Learning for Stepping-Stone Intrusion Detection

Stepping-stone intrusions SSIs are a prevalent network evasion technique in which attackers route sessions through chains of compromised intermediate hosts to obscure their origin. Effective SSI detection requires correlating the incoming and outgoing flows at each relay host at extremely low fal...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.7 views

MiracleLinux 7 : socat-1.7.3.2-2.el7 (AXBA:2017-1813:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXBA:2017-1813:01 advisory. - The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service process freeze or crash...

7.5CVSS5.7AI score0.0393EPSS
Exploits0References2
Rows per page
Query Builder