CVE-2010-2799

{"id": "CVE-2010-2799", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-09-14T21:00:01.703", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591443", "source": "secalert@redhat.com"}, {"url": "http://bugs.gentoo.org/show_bug.cgi?id=330785", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2010/dsa-2090", "source": "secalert@redhat.com"}, {"url": "http://www.dest-unreach.org/socat/contrib/socat-secadv2.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.dest-unreach.org/socat/download/socat-1.7.1.3.patch", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=620426", "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n nestlex en nestlex.c en Socat 1.5.0.0 a 1.7.1.2 y 2.0.0-b1 a 2.0.0-b3, cuando el reenv\u00edo bidireccional de datos est\u00e1 habilitado, permite a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de argumentos de l\u00ednea de comandos largos."}], "lastModified": "2010-09-15T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dest-unreach:socat:1.5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43189B21-C2E3-4066-82A1-456344B10131"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:1.6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15DA6703-CECF-4456-B8F6-18888629C122"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:1.6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6320B213-6E09-4A64-9C44-3565A6006C74"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:1.7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C577A55-72B0-4F75-B7A3-558DBF2B7BFD"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:1.7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34FFD979-165A-4465-8CCD-BA6CCEDC0016"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:1.7.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7B050A1-ECDE-47E8-8B7D-6AFD3923BA49"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:1.7.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D82983A5-0BBF-4131-AF82-1036FAFC0ABF"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:2.0.0:b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BE19927-5110-4C8D-8E3E-C075CA61023B"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:2.0.0:b2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F7C7910-5259-40D9-848D-402017952540"}, {"criteria": "cpe:2.3:a:dest-unreach:socat:2.0.0:b3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E50A8D8-00A8-4578-85ED-C3A11A9CA955"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}