12 matches found
Mageia: Security Advisory (MGASA-2014-0070)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0343-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : socat (openSUSE-2015-324)
socat was updated 1.7.2.4 to fix one security issue and bugs. The following vulnerabilities were fixed : - socats PROXY-CONNECT address was vulnerable to a buffer overflow with data from command line CVE-2014-0019, boo860991 The following bugs were fixed : - socat would frequently crash on ppc an...
Amazon Linux AMI : socat (ALAS-2014-300)
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line. C Tenable Network Security, Inc. The descriptive text and package...
Low: socat
Issue Overview: Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line. Affected Packages: socat Issue Correction: Run yum...
Mandriva Linux Security Advisory : socat (MDVSA-2014:033)
A vulnerability has been discovered and corrected in socat : Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line...
Fedora 19 : socat-1.7.2.3-1.fc19 (2014-1795)
Security update for CVE-2014-0019, which fixes a denial of service flaw in socat when using PROXY-CONNECT Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much...
Fedora 20 : socat-1.7.2.3-1.fc20 (2014-1811)
Security update for CVE-2014-0019, which fixes a denial of service flaw in socat when using PROXY-CONNECT Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much...
socat PROXY-CONNECT地址栈缓冲区溢出漏洞
BUGTRAQ ID: 65201 CVECAN ID: CVE-2014-0019 Socat是一个基于命令行的工具,可以创建两个双向字节流并在其间传输数据。 socat 1.3.0.0-1.7.2.2、2.0.0-b1-2.0.0-b6存在栈缓冲区溢出漏洞,本地用户通过命令行内PROXY-CONNECT地址中的超长服务器名称,即可利用此漏洞在受影响应用中执行任意代码。 0 socat socat 2.0.0-b1 - 2.0.0-b6 socat socat 1.3.0.0 - 1.7.2.2 厂商补丁: socat -----...
CVE-2014-0019
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line...
CVE-2014-0019
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line...
FreeBSD : socat -- buffer overflow with data from command line (a4c9e12d-88b7-11e3-8ada-10bf48e1088e)
Florian Weimer of the Red Hat Product Security Team reports : Due to a missing check during assembly of the HTTP request line a long target server name in the PROXY-CONNECT address can cause a stack buffer overrun. Exploitation requires that the attacker is able to provide the target server name ...