PT-2014-2687 · Openbsd+1 · Socat+1
Catalin Mitrofan · Published 2013-06-06 · Updated 2024-06-15
CVE-2013-3571
CVSS v2.0: 2.6 (Low)
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
socat versions 1.2.0.0 through 1.7.2.2
socat versions 2.0.0-b1 through 2.0.0-b5
Description
When socat is used with a listen type address and the fork option is enabled, remote attackers can cause a denial of service by consuming file descriptors via multiple requests that are refused based on source port, low port, range, or tcpwrap restrictions.
Recommendations
For socat versions 1.2.0.0 through 1.7.2.2, update to version 1.7.2.2 or later.
For socat versions 2.0.0-b1 through 2.0.0-b5, update to version 2.0.0-b6 or later.
Fix
Related Identifiers
Affected Products
Suse
Socat