[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-3205Date: (C)2011-09-06   (M)2023-12-22


Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1025981
SECUNIA-45805
SECUNIA-45906
SECUNIA-45920
SECUNIA-45965
SECUNIA-46029
BID-49356
OSVDB-74847
DSA-2304
FEDORA-2011-11854
MDVSA-2011:150
RHSA-2011:1293
SUSE-SU-2011:1019
SUSE-SU-2016:1996
SUSE-SU-2016:2089
http://openwall.com/lists/oss-security/2011/08/29/2
http://openwall.com/lists/oss-security/2011/08/30/4
http://www.squid-cache.org/Advisories/SQUID-2011_3.txt
http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch
http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch
http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch
https://bugzilla.redhat.com/show_bug.cgi?id=734583
openSUSE-SU-2011:1018

CPE    71
cpe:/a:squid-cache:squid:3.0.stable19
cpe:/a:squid-cache:squid:3.0.stable18
cpe:/a:squid-cache:squid:3.0.stable15
cpe:/a:squid-cache:squid:3.0.stable14
...
OVAL    7
oval:org.secpod.oval:def:600619
oval:org.secpod.oval:def:400320
oval:org.secpod.oval:def:89045186
oval:org.secpod.oval:def:89045381
...

© SecPod Technologies