DSA-2304-1 squid3 -- buffer overflowID: oval:org.secpod.oval:def:600619 | Date: (C)2011-10-13 (M)2023-11-09 |
Class: PATCH | Family: unix |
Ben Hawkes discovered that squid3, a full featured Web Proxy cache , is vulnerable to a buffer overflow when processing gopher server replies. An attacker can exploit this flaw by connecting to a gopher server that returns lines longer than 4096 bytes. This may result in denial of service conditions or the possibly the execution of arbitrary code with rights of the squid daemon.
Platform: |
Debian 5.0 |
Debian 6.0 |