CVE-2014-0019

Published: 04/02/2014 Updated: 30/10/2018
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

Stack-based buffer overflow in socat 1.3.0.0 up to and including 1.7.2.2 and 2.0.0-b1 up to and including 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.

Vulnerable Product

dest-unreach socat 2.0.0

fedoraproject fedora 20

fedoraproject fedora 19

opensuse opensuse 13.1

dest-unreach socat 1.3.2.0

dest-unreach socat 1.7.1.1

dest-unreach socat 1.7.0.0

dest-unreach socat 1.5.0.0

dest-unreach socat 1.7.1.2

dest-unreach socat 1.3.2.2

dest-unreach socat 1.6.0.0

dest-unreach socat 1.7.1.0

dest-unreach socat 1.4.0.2

dest-unreach socat 1.4.0.0

dest-unreach socat 1.4.2.0

dest-unreach socat 1.4.0.3

dest-unreach socat 1.3.0.1

dest-unreach socat 1.4.3.0

dest-unreach socat 1.7.2.1

dest-unreach socat 1.7.2.2

dest-unreach socat 1.6.0.1

dest-unreach socat 1.4.3.1

dest-unreach socat 1.3.2.1

dest-unreach socat 1.7.0.1

dest-unreach socat 1.7.2.0

dest-unreach socat 1.3.1.0

dest-unreach socat 1.7.1.3

dest-unreach socat 1.4.1.0

dest-unreach socat 1.3.0.0

dest-unreach socat 1.4.0.1

Vendor Advisories

Debian Bug report logs - #736993 socat: CVE-2014-0019: PROXY-CONNECT address overflow Package: socat; Maintainer for socat is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Source for socat is src:socat (PTS, buildd, popcon) Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 29 Jan 2014 05:39:02 UTC Severi ...
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line ...