FreeBSD : socat -- format string vulnerability (f3017ce1-32a4-11d9-a9e7-0001020eed82)
High Nessus Plugin ID 37101
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSocat Security Advisory 1 states :
socat up to version 184.108.40.206 contains a syslog() based format string vulnerability. This issue was originally reported by CoKi on 19 Oct.2004 http://www.nosystem.com.ar/advisories/advisory-07.txt.
Further investigation showed that this vulnerability could under some circumstances lead to local or remote execution of arbitrary code with the privileges of the socat process.
SolutionUpdate the affected package.