VIR Vulnerability Intelligence Relay

CVE-2013-3571

low
Published 2014-05-08 · Modified 2026-05-06
CVSS v3
CVSS v2
2.6
VIR risk
2.6

Description

socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple request that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4) tcpwrap restrictions.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2013-3571

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2013-3571.html

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debianbookwormfixed1.7.1.3-1.5
debian debianbullseyefixed1.7.1.3-1.5
debian debianforkyfixed1.7.1.3-1.5
debian debiansidfixed1.7.1.3-1.5
debian debiantrixiefixed1.7.1.3-1.5

Application impact
VendorProductVersionsFixed
dest-unreachsocat1.2.0.0
dest-unreachsocat1.3.0.0
dest-unreachsocat1.3.0.1
dest-unreachsocat1.3.1.0
dest-unreachsocat1.3.2.0
dest-unreachsocat1.3.2.1
dest-unreachsocat1.3.2.2
dest-unreachsocat1.4.0.0
dest-unreachsocat1.4.0.1
dest-unreachsocat1.4.0.2
dest-unreachsocat1.4.0.3
dest-unreachsocat1.4.1.0
dest-unreachsocat1.4.2.0
dest-unreachsocat1.4.3.0
dest-unreachsocat1.4.3.1
dest-unreachsocat1.5.0.0
dest-unreachsocat1.6.0.0
dest-unreachsocat1.6.0.1
dest-unreachsocat1.7.0.0
dest-unreachsocat1.7.0.1
dest-unreachsocat1.7.1.0
dest-unreachsocat1.7.1.1
dest-unreachsocat1.7.1.2
dest-unreachsocat1.7.1.3
dest-unreachsocat1.7.2.0
dest-unreachsocat1.7.2.1
dest-unreachsocat2.0.0

References

Verify integrity in audit chain (admin only). AS-IS.