CVE-2010-2799

EPSS 1.4%

socat - arbitrary code execution

Published: 9/14/2010Modified: 4/28/2026

Description

Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments.

Affected packages (2)

Debian/socatfrom 0, < 1.7.1.3-1
Debian/socatfrom 0, < 1.6.0.1-1+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-2799