CVE-2014-0019
published 2014-02-04CVE-2014-0019: Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault)…
PriorityP410low1.9CVSS 2.0
AVLACMAuNCNINAP
EPSS
0.40%
32.2th percentile
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | socat | < socat 1.7.2.3-1 (bookworm) | socat 1.7.2.3-1 (bookworm) |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
| dest-unreach | socat | — | — |
CVSS provenance
nvdv2.01.9LOWAV:L/AC:M/Au:N/C:N/I:N/A:P
osv1.9LOW
vendor_debian1.9LOW
vendor_redhat1.9LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3256-v4vm-qpwg: Stack-based buffer overflow in socat 1
ghsa_unreviewed·2022-05-14
CVE-2014-0019 [LOW] CWE-119 GHSA-3256-v4vm-qpwg: Stack-based buffer overflow in socat 1
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
OSV
CVE-2014-0019: Stack-based buffer overflow in socat 1
osv·2014-02-04·CVSS 1.9
CVE-2014-0019 [LOW] CVE-2014-0019: Stack-based buffer overflow in socat 1
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
Red Hat
socat: PROXY-CONNECT address overflow
vendor_redhat·2014-01-28·CVSS 1.9
CVE-2014-0019 [LOW] CWE-119 socat: PROXY-CONNECT address overflow
socat: PROXY-CONNECT address overflow
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
Statement: The Red Hat Security Response Team has rated this issue as having Low security impact on OpenShift Enterprise, a future update may address this flaw.
Package: socat (Red Hat Enterprise Linux 7) - Not affected
Package: socat (Red Hat OpenShift Enterprise 2) - Affected
Debian
CVE-2014-0019: socat - Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 throug...
vendor_debian·2014·CVSS 1.9
CVE-2014-0019 [LOW] CVE-2014-0019: socat - Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 throug...
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
Scope: local
bookworm: resolved (fixed in 1.7.2.3-1)
bullseye: resolved (fixed in 1.7.2.3-1)
forky: resolved (fixed in 1.7.2.3-1)
sid: resolved (fixed in 1.7.2.3-1)
trixie: resolved (fixed in 1.7.2.3-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2014-0213 CVE-2014-0214 CVE-2014-0215 CVE-2014-0216 CVE-2014-0217 CVE-2014-0218 moodle: upstream 2.7, 2.6.3, 2.5.6, and 2.4.10 security fixes
bugzilla·2014-05-21·CVSS 6.8
CVE-2014-0213 [MEDIUM] CVE-2014-0213 CVE-2014-0214 CVE-2014-0215 CVE-2014-0216 CVE-2014-0217 CVE-2014-0218 moodle: upstream 2.7, 2.6.3, 2.5.6, and 2.4.10 security fixes
CVE-2014-0213 CVE-2014-0214 CVE-2014-0215 CVE-2014-0216 CVE-2014-0217 CVE-2014-0218 moodle: upstream 2.7, 2.6.3, 2.5.6, and 2.4.10 security fixes
Moodle upstream has released versions 2.7, 2.6.3, 2.5.6, and 2.4.10 to fix the following security flaws:
CVE-2014-0213 MSA-14-0014: Cross-site request forgery possible in Assignment
CVE-2014-0214 MSA-14-0015: Web service token expiry issue for MoodleMobile
CVE-2014-0215 MSA-14-0016: Anonymous student identity revealed in assignment
CVE-2014-0216 MSA-14-0017: File access issue in HTML block
CVE-2014-0217 MSA-14-0018: Information leak in courses
CVE-2014-0218 MSA-14-0019: Reflected XSS in URL downloader repository
For a full summary and patch links, refer to the following:
http://seclists.org/oss-sec/2014/q2/329
Discussion:
Created moodle tra
Bugzilla
CVE-2014-0019 socat: PROXY-CONNECT address overflow [fedora-all]
bugzilla·2014-01-28·CVSS 1.9
CVE-2014-0019 [LOW] CVE-2014-0019 socat: PROXY-CONNECT address overflow [fedora-all]
CVE-2014-0019 socat: PROXY-CONNECT address overflow [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multiple
Bugzilla
CVE-2014-0019 socat: PROXY-CONNECT address overflow
bugzilla·2014-01-24·CVSS 1.9
CVE-2014-0019 [LOW] CVE-2014-0019 socat: PROXY-CONNECT address overflow
CVE-2014-0019 socat: PROXY-CONNECT address overflow
Florian Weimer of the Red Hat Product Security Team discovered a denial of service flaw in socat. Due to a missing check during assembly of the HTTP request line a long target server name ( in the documentation) of the PROXY-CONNECT address can cause a stack buffer overrun. Exploitation requires that the attacker is able to provide the target server name to the PROXY-CONNECT address in the command line. This can happen for example in scripts that receive data from untrusted sources.
This flaw affects socat versions 1.3.0.0 through to 1.7.2.2; it is corrected in 1.7.2.3.
Acknowledgements:
This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
Discussion:
Created attachment 855124
upstream patch to correct
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128190.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-February/128229.htmlhttp://lists.opensuse.org/opensuse-updates/2015-04/msg00043.htmlhttp://osvdb.org/102612http://seclists.org/oss-sec/2014/q1/159http://www.dest-unreach.org/socathttp://www.dest-unreach.org/socat/contrib/socat-secadv5.txthttp://www.mandriva.com/security/advisories?name=MDVSA-2014:033http://www.securityfocus.com/bid/65201http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128190.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-February/128229.htmlhttp://lists.opensuse.org/opensuse-updates/2015-04/msg00043.htmlhttp://osvdb.org/102612http://seclists.org/oss-sec/2014/q1/159http://www.dest-unreach.org/socathttp://www.dest-unreach.org/socat/contrib/socat-secadv5.txthttp://www.mandriva.com/security/advisories?name=MDVSA-2014:033http://www.securityfocus.com/bid/65201
2014-02-04
Published