CVE-2012-0219
Published 2012-06-21
Priority: P427 · medium · 6.2 (CVSS 2.0)
Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
EPSS: 0.46% (36.2th percentile)
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | socat | < socat 1.7.1.3-1.3 (bookworm) | socat 1.7.1.3-1.3 (bookworm) |
| dest-unreach | socat | — | — |
| dest-unreach | socat | >= 0 < 1.7.1.3-1.3 | 1.7.1.3-1.3 |
CVSS provenance
nvd · v2.0 · 6.2 MEDIUM · AV:L/AC:H/Au:N/C:C/I:C/A:C
osv · 6.2 MEDIUM
vendor_debian · 6.2 LOW
GHSA
GHSA-2c9m-9m4q-pf59: Heap-based buffer overflow in the xioscan_readline function in xio-readline
ghsa_unreviewed·2022-05-04
CVE-2012-0219 [MEDIUM] CWE-119 GHSA-2c9m-9m4q-pf59: Heap-based buffer overflow in the xioscan_readline function in xio-readline
OSV
CVE-2012-0219: Heap-based buffer overflow in the xioscan_readline function in xio-readline
osv·2012-06-21·CVSS 6.2
CVE-2012-0219 [MEDIUM] CVE-2012-0219: Heap-based buffer overflow in the xioscan_readline function in xio-readline
Debian
CVE-2012-0219: socat - Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in...
vendor_debian·2012·CVSS 6.2
CVE-2012-0219 [MEDIUM] CVE-2012-0219: socat - Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in...
Scope: local
bookworm: resolved (fixed in 1.7.1.3-1.3)
bullseye: resolved (fixed in 1.7.1.3-1.3)
forky: resolved (fixed in 1.7.1.3-1.3)
sid: resolved (fixed in 1.7.1.3-1.3)
trixie: resolved (fixed in 1.7.1.3-1.3)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2012-1702 mysql: unspecified unauthenticated DoS vulnerability related to Server (CPU Jan 2013)
bugzilla·2013-01-16·CVSS 5.0
CVE-2012-1702 [MEDIUM] CVE-2012-1702 mysql: unspecified unauthenticated DoS vulnerability related to Server (CPU Jan 2013)
An unspecified vulnerability in the server subcomponent of the MySQL protocol component of the Oracle MySQL server allows remote attackers to alter availability via unspecified vectors.
References:
[1] http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Discussion:
This issue affects the version of the mysql package, as shipped with Red Hat Enterprise Linux 6.
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0219 https://rhn.redhat.com/errata/RHSA-2013-0219.html
Bugzilla
CVE-2012-0574 mysql: unspecified DoS vulnerability related to Server (CPU Jan 2013)
bugzilla·2013-01-16·CVSS 4.0
CVE-2012-0574 [MEDIUM] CVE-2012-0574 mysql: unspecified DoS vulnerability related to Server (CPU Jan 2013)
An unspecified vulnerability in the server subcomponent of the MySQL protocol component of the Oracle MySQL server allows remote authenticated attackers to alter availability via unspecified vectors.
References:
[1] http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Discussion:
This issue affects the version of the mysql package, as shipped with Red Hat Enterprise Linux 6.
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0219 https://rhn.redhat.com/errata/RHSA-2013-0219.html
Bugzilla
CVE-2012-1705 mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Jan 2013)
bugzilla·2013-01-16·CVSS 4.0
CVE-2012-1705 [MEDIUM] CVE-2012-1705 mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Jan 2013)
An unspecified vulnerability in the server optimizer subcomponent of the MySQL protocol component of the Oracle MySQL server allows remote authenticated attackers to alter availability via unspecified vectors.
References:
[1] http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Discussion:
This issue affects the version of the mysql package, as shipped with Red Hat Enterprise Linux 6.
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0219 https://rhn.redhat.com/errata/RHSA-2013-0219.html
Bugzilla
CVE-2012-0572 mysql: unspecified DoS vulnerability related to InnoDB (CPU Jan 2013)
bugzilla·2013-01-16·CVSS 4.0
CVE-2012-0572 [MEDIUM] CVE-2012-0572 mysql: unspecified DoS vulnerability related to InnoDB (CPU Jan 2013)
An unspecified vulnerability in the InnoDB subcomponent of the MySQL protocol component of the Oracle MySQL server allows remote authenticated attackers to alter availability via unspecified vectors.
References:
[1] http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Discussion:
This issue affects the version of the mysql package, as shipped with Red Hat Enterprise Linux 6.
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0219 https://rhn.redhat.com/errata/RHSA-2013-0219.html
Bugzilla
CVE-2012-0219 socat: heap-based buffer overflow flaw leads to arbitrary code execution [fedora-all]
bugzilla·2012-05-14·CVSS 6.2
CVE-2012-0219 [MEDIUM] CVE-2012-0219 socat: heap-based buffer overflow flaw leads to arbitrary code execution [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/upd
Bugzilla
CVE-2012-0219 socat: heap-based buffer overflow flaw leads to arbitrary code execution [epel-all]
bugzilla·2012-05-14·CVSS 6.2
CVE-2012-0219 [MEDIUM] CVE-2012-0219 socat: heap-based buffer overflow flaw leads to arbitrary code execution [epel-all]
Bugzilla
CVE-2012-0219 socat: heap-based buffer overflow flaw leads to arbitrary code execution
bugzilla·2012-05-14·CVSS 6.2
CVE-2012-0219 [MEDIUM] CVE-2012-0219 socat: heap-based buffer overflow flaw leads to arbitrary code execution
A heap-based buffer overflow flaw was found in socat with data that happens to be output on the READLINE address. The READLINE address is usually only used interactively, without the "prompt" and "noprompt" options. If an attacker were able to provide malicious data to the other (arbitrary) address that is then transferred to socat's READLINE address for output, they would be able to execute arbitrary code with the privileges of the socat process.
To work around this flaw, you can use the "prompt" or "noprompt" options with the READLINE address.
This has been corrected upstream [1] in versions 1.7.2.1 and 2.0.0-b5; patches are available.
[1] http://www.dest-unreach.org/socat/contrib/socat-secadv3.htm
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081619.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081882.html
http://secunia.com/advisories/49105
http://secunia.com/advisories/49746
http://security.gentoo.org/glsa/glsa-201208-01.xml
http://www.dest-unreach.org/socat/contrib/socat-secadv3.html
http://www.lwn.net/Articles/504742/
http://www.mandriva.com/security/advisories?name=MDVSA-2013:169
http://www.openwall.com/lists/oss-security/2012/05/14/2
http://www.osvdb.org/81969
http://www.securityfocus.com/bid/53510
http://www.securitytracker.com/id?1027064