openSUSE Security Update : socat (openSUSE-2015-324)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

socat was updated 1.7.2.4 to fix one security issue and bugs.

The following vulnerabilities were fixed :

- socats PROXY-CONNECT address was vulnerable to a buffer
overflow with data from command line (CVE-2014-0019,
boo#860991)

The following bugs were fixed :

- socat would frequently crash on ppc and armv7l
(boo#927161)

- various other bug fixes in 1.7.2.4

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=860991
https://bugzilla.opensuse.org/show_bug.cgi?id=927161

Solution :

Update the affected socat packages.

Risk factor :

Low / CVSS Base Score : 1.9
(CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 83083 ()

Bugtraq ID:

CVE ID: CVE-2014-0019

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now