3 matches found
CVE-2016-2217
CVE-2016-2217 concerns socat’s OpenSSL address implementation. The issue is that in socat versions 1.7.3.0 and 2.0.0-b8, the Diffie-Hellman (DH) parameter uses a non-prime value, making it easier for a remote attacker to deduce the shared secret. The vulnerability affects the OpenSSL handling wi...
GLSA-201612-23 : socat: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201612-23 (socat: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in socat. Please review the references below for details. Impact: A remote attacker could possibly execute arbitrary code with the privileges...
MGASA-2016-0053 Updated socat packages fix security vulnerability
In socat before 2.0.0-b9, in the OpenSSL address implementation, the hard-coded 1024-bit DH p parameter was not prime. It may be possible for an eavesdropper to recover the shared secret from a key exchange (CVE-2016-2217). In socat before 2.0.0-b9, a stack overflow vulnerability was found that can...