Bug 499668 (CVE-2014-0019) - <net-misc/socat-1.7.2.3 - PROXY-CONNECT address overflow (CVE-2014-0019)
Summary: <net-misc/socat-1.7.2.3 - PROXY-CONNECT address overflow (CVE-2014-0019)
Status: RESOLVED FIXED
Alias: CVE-2014-0019
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [noglsa]
Reported: 2014-01-29 09:34 UTC by Agostino Sarubbo
Modified: 2014-02-21 09:39 UTC
Description Agostino Sarubbo gentoo-dev 2014-01-29 09:34:49 UTC
From ${URL} :

Florian Weimer of the Red Hat Product Security Team discovered a denial of service flaw in socat. Due to a 
missing check during assembly of the HTTP request line a long target server name (<hostname> in the 
documentation) of the PROXY-CONNECT address can cause a stack buffer overrun. Exploitation requires that 
the attacker is able to provide the target server name to the PROXY-CONNECT address in the command line. 
This can happen for example in scripts that receive data from untrusted sources.

This flaw affects socat versions 1.3.0.0 through to 1.7.2.2; it is corrected in 1.7.2.3.



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
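
Added example, not part of the bug report and not socat's source: a bounded way to assemble an HTTP CONNECT request line from a caller-supplied host name, with the check whose absence the advisory above describes. The function name `build_connect_request`, the 512-byte buffer size and the exact request format are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed buffer size for this example; not taken from socat. */
#define REQ_BUF_SIZE 512

/*
 * Assemble "CONNECT <host>:<port> HTTP/1.0\r\n" into out[outsz].
 * Returns the request length, or -1 if the request does not fit.
 * The unchecked form of this step would be
 *     sprintf(out, "CONNECT %s:%u HTTP/1.0\r\n", host, port);
 * which writes past out[] whenever host is long enough.
 */
int build_connect_request(char *out, size_t outsz,
                          const char *host, unsigned port)
{
    int n;

    if (out == NULL || outsz == 0 || host == NULL || host[0] == '\0')
        return -1;
    if (port == 0 || port > 65535)
        return -1;

    n = snprintf(out, outsz, "CONNECT %s:%u HTTP/1.0\r\n", host, port);
    /* snprintf returns the length it wanted to write; a value >= outsz
       means the output was truncated, so refuse instead of sending it. */
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';
        return -1;
    }
    return n;
}

int main(void)
{
    char req[REQ_BUF_SIZE];
    char long_host[2048];               /* constructed over-long name */

    memset(long_host, 'a', sizeof(long_host) - 1);
    long_host[sizeof(long_host) - 1] = '\0';

    printf("short host: %d\n",
           build_connect_request(req, sizeof(req), "example.org", 443));
    printf("long host:  %d\n",
           build_connect_request(req, sizeof(req), long_host, 443));
    return 0;
}
```

A script that passes untrusted host names to an unpatched socat can apply the same length limit before building the PROXY-CONNECT address.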
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2014-01-29 10:26:13 UTC
Arch teams, please test and mark stable:
=net-misc/socat-1.7.2.3
Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc sparc x86

Don't worry too much about failing tests. Don't file a bug report about it (we have bug #277104 and bug #294586 already).
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2014-01-29 11:06:49 UTC
Stable for HPPA.
Comment 3 Agostino Sarubbo gentoo-dev 2014-01-29 13:18:26 UTC
(In reply to Jeroen Roovers from comment #1)
> Arch teams, please test and mark stable:
> =net-misc/socat-1.7.2.3
> Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc sparc x86
> 
> Don't worry too much about failing tests. Don't file a bug report about it
> (we have bug #277104 and bug #294586 already).

You can avoid mentioning the masked version(s) in the summary.
Comment 4 Agostino Sarubbo gentoo-dev 2014-02-01 22:45:57 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2014-02-01 22:47:54 UTC
x86 stable
Comment 6 Agostino Sarubbo gentoo-dev 2014-02-02 11:04:57 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2014-02-09 08:29:24 UTC
sparc stable
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2014-02-13 14:57:45 UTC
CVE-2014-0019 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0019):
  Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1
  through 2.0.0-b6 allows local users to cause a denial of service
  (segmentation fault) via a long server name in the PROXY-CONNECT address in
  the command line.
Comment 9 Agostino Sarubbo gentoo-dev 2014-02-16 07:35:05 UTC
alpha stable
Comment 10 Agostino Sarubbo gentoo-dev 2014-02-16 12:05:45 UTC
ia64 stable
Comment 11 Agostino Sarubbo gentoo-dev 2014-02-17 21:08:06 UTC
arm stable.

Maintainer(s), please clean up.
Security, please vote.
Comment 12 Sergey Popov gentoo-dev 2014-02-21 08:00:27 UTC
Thanks for your work, cleanup was done by Jeroen

GLSA vote: no
Comment 13 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2014-02-21 09:39:43 UTC
GLSA vote: no.

Closing as [noglsa]