cbcvebase.
CVE-2010-2799
published 2010-09-14

CVE-2010-2799: Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay…

PriorityP434medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
2.75%
84.4th percentile
Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments.

Affected

13 ranges
VendorProductVersion rangeFixed in
debiansocat< socat 1.7.1.3-1 (bookworm)socat 1.7.1.3-1 (bookworm)
dest-unreachsocat
dest-unreachsocat
dest-unreachsocat
dest-unreachsocat
dest-unreachsocat
dest-unreachsocat
dest-unreachsocat
dest-unreachsocat
dest-unreachsocat>= 0 < 1.7.1.3-11.7.1.3-1
dest-unreachsocat>= 0 < 1.7.1.3-11.7.1.3-1
dest-unreachsocat>= 0 < 1.7.1.3-11.7.1.3-1
dest-unreachsocat>= 0 < 1.7.1.3-11.7.1.3-1

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.