Vulnerability CVE-2010-2799: Information

Description

Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments.

Severity: MEDIUM (6.8)

URL: https://nvd.nist.gov/vuln/detail/CVE-2010-2799
Published: Sept. 15, 2010
Modified: Sept. 15, 2010
Error type identifier: CWE-119

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://bugzilla.redhat.com/show_bug.cgi?id=620426
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443
      http://bugs.gentoo.org/show_bug.cgi?id=330785
        http://www.dest-unreach.org/socat/download/socat-1.7.1.3.patch
        • Patch
        http://www.dest-unreach.org/socat/contrib/socat-secadv2.html
        • Vendor Advisory
        DSA-2090

            1. Configuration 1

              cpe:2.3:a:dest-unreach:socat:1.7.1.1:*:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:1.7.0.0:*:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:1.5.0.0:*:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:2.0.0:b3:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:1.6.0.0:*:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:1.7.1.0:*:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:2.0.0:b2:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:1.6.0.1:*:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:2.0.0:b1:*:*:*:*:*:*
              cpe:2.3:a:dest-unreach:socat:1.7.0.1:*:*:*:*:*:*:*
          VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
          Version: v24.5.0
          Back to top