Socat
Monthly
The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the. Rated low severity (CVSS 1.9).
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the. Rated medium severity (CVSS 6.2).
Heap-based buffer overflow in socat's SOCKS5 reply parser allows a malicious or compromised SOCKS5 proxy server to corrupt heap memory in clients that route connections through it, with potential for code execution. The flaw affects socat versions prior to 1.8.1.2 (packaged on Alpine Linux as 1.8.1.2-r0) and is triggered when socat acts as a SOCKS5 client and processes an attacker-crafted server reply. No public exploit identified at time of analysis; the CVSS 4.0 base score is 9.2, but the High attack complexity (AC:H) reflects that exploitation depends on a specific SOCKS5 usage path.
The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the. Rated low severity (CVSS 1.9).
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the. Rated medium severity (CVSS 6.2).
Heap-based buffer overflow in socat's SOCKS5 reply parser allows a malicious or compromised SOCKS5 proxy server to corrupt heap memory in clients that route connections through it, with potential for code execution. The flaw affects socat versions prior to 1.8.1.2 (packaged on Alpine Linux as 1.8.1.2-r0) and is triggered when socat acts as a SOCKS5 client and processes an attacker-crafted server reply. No public exploit identified at time of analysis; the CVSS 4.0 base score is 9.2, but the High attack complexity (AC:H) reflects that exploitation depends on a specific SOCKS5 usage path.