Paketname
socat
Datum
2010-09-15
Advisory ID
MDVSA-2010:183
Betroffene Versionen
MES5 i586 , MES5 x86_64

Problembeschreibung

A vulnerability has been found and corrected in socat:

Stack-based buffer overflow in the nestlex function in nestlex.c
in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3,
when bidirectional data relay is enabled, allows context-dependent
attackers to execute arbitrary code via long command-line arguments
(CVE-2010-2799).

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

MES5 i586

 986897a5455fe890db28a865d841c898  mes5/i586/socat-1.6.0.0-4.1mdvmes5.1.i586.rpm 
 b0eeb05a0aa40689073b90d2ad9c0c52  mes5/SRPMS/socat-1.6.0.0-4.1mdvmes5.1.src.rpm

MES5 x86_64

 a945969d69509c99a7433c3077c245de  mes5/x86_64/socat-1.6.0.0-4.1mdvmes5.1.x86_64.rpm 
 b0eeb05a0aa40689073b90d2ad9c0c52  mes5/SRPMS/socat-1.6.0.0-4.1mdvmes5.1.src.rpm

Referenzen