FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

socat -- format string vulnerability

Affected packages
socat <


VuXML ID f3017ce1-32a4-11d9-a9e7-0001020eed82
Discovery 2004-10-18
Entry 2004-11-10

Socat Security Advisory 1 states:

socat up to version contains a syslog() based format string vulnerability. This issue was originally reported by CoKi on 19 Oct.2004 Further investigation showed that this vulnerability could under some circumstances lead to local or remote execution of arbitrary code with the privileges of the socat process.