Vulnerability CVE-2010-2799

Vulnerability Name:

CVE-2010-2799 (CCN-60854)

Assigned:

2010-07-30

Published:

2010-07-30

Updated:

2010-09-15

Summary:

Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: CONFIRM
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443

Source: CONFIRM
Type: UNKNOWN
http://bugs.gentoo.org/show_bug.cgi?id=330785

Source: MITRE
Type: CNA
CVE-2010-2799

Source: CCN
Type: SA40806
socat Command Line Argument Buffer Overflow Vulnerability

Source: DEBIAN
Type: UNKNOWN
DSA-2090

Source: DEBIAN
Type: DSA-2090
socat -- incorrect user-input validation

Source: CCN
Type: socat Web Site
Socat security advisory 2

Source: CONFIRM
Type: Vendor Advisory
http://www.dest-unreach.org/socat/contrib/socat-secadv2.html

Source: CONFIRM
Type: Patch
http://www.dest-unreach.org/socat/download/socat-1.7.1.3.patch

Source: CCN
Type: OSVDB ID: 66813
socat nestlex.c nestlex() Function Local Overflow

Source: CCN
Type: BID-42112
socat 'nestlex()' Command Line Argument Buffer Overflow Vulnerability

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=620426

Source: XF
Type: UNKNOWN
socat-nestlex-bo(60854)

Vulnerable Configuration:

Configuration 1:

cpe:/a:dest-unreach:socat:1.5.0.0:*:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:1.6.0.0:*:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:1.6.0.1:*:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:1.7.0.0:*:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:1.7.0.1:*:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:1.7.1.0:*:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:1.7.1.1:*:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:2.0.0:b1:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:2.0.0:b2:*:*:*:*:*:*

OR cpe:/a:dest-unreach:socat:2.0.0:b3:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20102799	V	CVE-2010-2799	2022-05-20
oval:org.opensuse.security:def:42438	P	Security update for openssl-1_1 (Important)	2022-04-13
oval:org.opensuse.security:def:32251	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:26184	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:30280	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:31715	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:29455	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:33045	P	Security update for postgresql96 (Important)	2021-11-22
oval:org.opensuse.security:def:32213	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:32212	P	Security update for binutils (Moderate)	2021-11-02
oval:org.opensuse.security:def:26127	P	Security update for postgresql12 (Moderate)	2021-09-16
oval:org.opensuse.security:def:32994	P	Security update for apache2 (Important)	2021-09-02
oval:org.opensuse.security:def:30243	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:32163	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:29401	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:32955	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:32126	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:42700	P	socat-1.7.0.0-1.16.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36293	P	socat-1.7.0.0-1.16.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32107	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:26046	P	Security update for libxml2 (Moderate)	2021-05-05
oval:org.opensuse.security:def:32910	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:32069	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:26157	P	Security update for the Linux Kernel (Important)	2021-02-09
oval:org.opensuse.security:def:32273	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:26210	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:33654	P	Security update for flac (Moderate)	2021-01-04
oval:org.opensuse.security:def:32831	P	Security update for curl (Moderate)	2020-12-14
oval:org.opensuse.security:def:34332	P	Security update for curl (Moderate)	2020-12-10
oval:org.opensuse.security:def:36031	P	socat-1.7.0.0-1.16.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:32820	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:32819	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:26419	P	Security update for mbedtls (Moderate)	2020-12-01
oval:org.opensuse.security:def:32317	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:31760	P	Security update for MozillaFirefox (Critical)	2020-12-01
oval:org.opensuse.security:def:26006	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:29561	P	Security update for NetworkManager-gnome	2020-12-01
oval:org.opensuse.security:def:31497	P	Security update for python-lxml	2020-12-01
oval:org.opensuse.security:def:33140	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26560	P	gstreamer-0_10-plugins-base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31977	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26259	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:31583	P	Recommended update for tboot (Moderate)	2020-12-01
oval:org.opensuse.security:def:33441	P	Security update for evolution-data-server	2020-12-01
oval:org.opensuse.security:def:27256	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28821	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:26356	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25843	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:31864	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:33586	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25580	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:29107	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32474	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:34292	P	Security update for libpython2_6-1_0, libpython2_6-1_0-32bit, libpython2_6-1_0-x86, python, python-32bit, python-base, python-base-32bit, python-base-debuginfo, python-base-debuginfo-32bit, python-base-debuginfo-x86, python-base-debugsource, python-base-x86, python-curses, python-debuginfo, python-debuginfo-32bit, python-debuginfo-x86, python-debugsource, python-demo, python-devel, python-doc, python-doc-pdf, python-gdbm, python-idle, python-tk, python-x86, python-xml	2020-12-01
oval:org.opensuse.security:def:25656	P	Security update for spice-gtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:32579	P	mozilla-xulrunner190 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26268	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31759	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:25922	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:29543	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26521	P	amavisd-new on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31845	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:31509	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33284	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26618	P	nagios-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28810	P	Security update for postgresql91	2020-12-01
oval:org.opensuse.security:def:26312	P	Security update for dnsmasq (Important)	2020-12-01
oval:org.opensuse.security:def:25842	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31807	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33547	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:29021	P	Security update for qemu	2020-12-01
oval:org.opensuse.security:def:32425	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:27029	P	socat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25918	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25592	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:29248	P	Security update for squid3 (Important)	2020-12-01
oval:org.opensuse.security:def:32535	P	kdebase3-runtime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25865	P	Security update for pcre (Moderate)	2020-12-01
oval:org.opensuse.security:def:29504	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:33256	P	socat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26472	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:31771	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:29605	P	Security update for bash	2020-12-01
oval:org.opensuse.security:def:31498	P	Security update for python-numpy (Important)	2020-12-01
oval:org.opensuse.security:def:33197	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26574	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28809	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26298	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33498	P	Security update for mipv6d	2020-12-01
oval:org.opensuse.security:def:27291	P	socat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28890	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:32369	P	Security update for tar (Moderate)	2020-12-01
oval:org.opensuse.security:def:26994	P	nagios on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25854	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31951	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:33610	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:25581	P	Security update for perl-XML-Twig (Moderate)	2020-12-01
oval:org.opensuse.security:def:29164	P	Security update for log4j (Important)	2020-12-01
oval:org.opensuse.security:def:32513	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25784	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:33217	P	openslp on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:12303	P	DSA-2090-1 socat -- incorrect user-input validation	2014-07-21
oval:com.ubuntu.precise:def:20102799000	V	CVE-2010-2799 on Ubuntu 12.04 LTS (precise) - medium.	2010-09-14
oval:org.debian:def:2090	V	incorrect user-input validation	2010-08-06

BACK