Insecure DH Implementation in Socat 1.7.3.0 and 2.0.0-b8

Insecure DH Implementation in Socat 1.7.3.0 and 2.0.0-b8

CVE-2016-2217 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret.

Learn more about our Web Application Penetration Testing UK.