Date: Tue, 2 Feb 2016 14:37:17 -0500 (EST) From: cve-assign@...re.org To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Re: Socat security advisory 8 - Stack overflow in parser -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > This vulnerability can only be exploited when an attacker is able to > inject data into socat's command line. > A vulnerable scenario would be a CGI script that reads data from > clients and uses (parts of) this data as hostname for a Socat > invocation. This was sent to the oss-security list as a published advisory, not as a CVE ID request. Is there anyone (e.g., a Linux distribution) who is planning to re-announce this to a different audience in a way that would make a CVE ID especially useful? Note that there will be a CVE ID for the simultaneously released "security advisory 7." At this point, the MITRE CVE team does not see a realistic exploitation scenario (for security advisory 8) that would be best categorized as a socat problem that requires a socat CVE ID. For example, "a CGI script that reads data from clients and uses (parts of) this data as hostname for a Socat invocation" might be better categorized as an SSRF vulnerability in that CGI script (and potentially site-specific unless such a CGI script already exists in packaged code). - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWsQPRAAoJEL54rhJi8gl58g4QAJY2pF4cO5bxQA7rfwlGajZq /ZL6f4v59/LZpe9Vpa+HTUwXGe+cRv68Zvgp37K1gWqnmazIwgCmJGIZ3BvVJ019 v/AizZt7aCOZf8X2VTK82ylQU56bcOdmXCKZ9Xb9OHukIpK918bILOPb+t2HmqCe jOHNyzMRou9R/23qan8WQzW78JmK1D8E2DjHZbdHDkKm83j2z+CKI2H2hHkaYOy+ QHqMiJuo6PMPLObxPmF1HY8cqN+EIl2LPt0VShAr2uYjlyB3eCpY2kdfJQUSQ6FW RxBa5bue+X0fv8IenUEtQsEcVJgS5jWwPavE7mrR8fkeyjJM+WGyilf2/iXuofBx zasCOaH82xteaIGoXW99OmLhFjMDPCIcN6lD33xu/GtF/Xg9OBbYeMfsjb1FoLsf w6lRyW3PyRRDTzZoeLpRhacK759eJvBBDL8JUqeJTsKOhKdnbOD47wHYrVboypbC ZAcS8Jnl8wrTslP6iscad32J6plr8pIzoyo8iOks6oKx1BnaZTQn99MOHt7GBBN6 7Io9JMcjDcael9iDIlM7Gwv+AzAUqDZuKZ6CIPPwbVklVQYM7zTBx4Ch2+7KB8yt 5r8y5GgzFO29ryA6T+cBwFDFcAFsJf6D0t5qV39mELAi49R6Qw/GI7huLsi54W9B 0fUfuGVElnJEWu8NEth2 =FQZ0 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.