Vulnerabilities > CVE-2004-1484 - Unspecified vulnerability in Socat
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message.
Vulnerable Configurations
Exploit-Db
description | socat <= 1.4.0.2 Local Format String Exploit (not setuid). CVE-2004-1484. Local exploit for linux platform |
id | EDB-ID:591 |
last seen | 2016-01-31 |
modified | 2004-10-23 |
published | 2004-10-23 |
reporter | CoKi |
source | https://www.exploit-db.com/download/591/ |
title | socat <= 1.4.0.2 - Local Format String Exploit not setuid |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200410-26.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200410-26 (socat: Format string vulnerability) socat contains a syslog() based format string vulnerablility in the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15568 |
published | 2004-10-26 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15568 |
title | GLSA-200410-26 : socat: Format string vulnerability |
code |
|
References
- http://secunia.com/advisories/12936/
- http://secunia.com/advisories/12936/
- http://www.dest-unreach.org/socat/advisory/socat-adv-1.html
- http://www.dest-unreach.org/socat/advisory/socat-adv-1.html
- http://www.gentoo.org/security/en/glsa/glsa-200410-26.xml
- http://www.gentoo.org/security/en/glsa/glsa-200410-26.xml
- http://www.nosystem.com.ar/advisories/advisory-07.txt
- http://www.nosystem.com.ar/advisories/advisory-07.txt
- http://www.securityfocus.com/bid/11505
- http://www.securityfocus.com/bid/11505
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17822
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17822