FreeBSD : socat -- format string vulnerability (f3017ce1-32a4-11d9-a9e7-0001020eed82)

High Nessus Plugin ID 37101


The remote FreeBSD host is missing a security-related update.


Socat Security Advisory 1 states :

socat up to version contains a syslog() based format string vulnerability. This issue was originally reported by CoKi on 19 Oct.2004
Further investigation showed that this vulnerability could under some circumstances lead to local or remote execution of arbitrary code with the privileges of the socat process.


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 37101

File Name: freebsd_pkg_f3017ce132a411d9a9e70001020eed82.nasl

Version: $Revision: 1.9 $

Type: local

Published: 2009/04/23

Modified: 2013/08/09

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:socat, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2004/11/10

Vulnerability Publication Date: 2004/10/18