← Back

CVE-2014-0019

nvd nist
Published: Feb 4, 2014Modified: Apr 29, 2026

JSON object

Loading...
1.9
Vector
AV:L/AC:M/Au:N/C:N/I:N/A:P
Exploitability: 3.4 / Impact: 2.9
Source: NVD

Description

Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.

Affected (35)

Dest Unreach
1 product
Socat
Fedoraproject
1 product
Fedora
Opensuse
1 product
Opensuse
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Dest Unreach
Socat
Version 2.0.0 b1
Socat
Version 2.0.0 b2
Socat
Version 2.0.0 b3
Socat
Version 2.0.0 b4
Socat
Version 2.0.0 b5
Socat
Version 2.0.0 b6
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 19
Fedora
Version 20
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Version 13.1
Configuration D
26 vulnerable
Vulnerable SoftwareAffected Versions
Dest Unreach
Socat
Version 1.3.0.0
Socat
Version 1.3.0.1
Socat
Version 1.3.1.0
Socat
Version 1.3.2.0
Socat
Version 1.3.2.1
Socat
Version 1.3.2.2
Socat
Version 1.4.0.0
Socat
Version 1.4.0.1
Socat
Version 1.4.0.2
Socat
Version 1.4.0.3
Socat
Version 1.4.1.0
Socat
Version 1.4.2.0
Socat
Version 1.4.3.0
Socat
Version 1.4.3.1
Socat
Version 1.5.0.0
Socat
Version 1.6.0.0
Socat
Version 1.6.0.1
Socat
Version 1.7.0.0
Socat
Version 1.7.0.1
Socat
Version 1.7.1.0
Socat
Version 1.7.1.1
Socat
Version 1.7.1.2
Socat
Version 1.7.1.3
Socat
Version 1.7.2.0
Socat
Version 1.7.2.1
Socat
Version 1.7.2.2

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (18)

Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
PatchThird Party AdvisoryVDB Entry
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.