Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3205

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-3205
Last Modified 25 Oct 2011 11:00:45
Published 06 Sep 2011 11:55:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3205

Summary

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.

Vulnerable Systems

Application

  • Squid-cache Squid 3.0.stable1

  • Squid-cache Squid 3.0.stable10

  • Squid-cache Squid 3.0.stable11

  • Squid-cache Squid 3.0.stable12

  • Squid-cache Squid 3.0.stable13

  • Squid-cache Squid 3.0.stable14

  • Squid-cache Squid 3.0.stable15

  • Squid-cache Squid 3.0.stable16

  • Squid-cache Squid 3.0.stable17

  • Squid-cache Squid 3.0.stable18

  • Squid-cache Squid 3.0.stable19

  • Squid-cache Squid 3.0.stable2

  • Squid-cache Squid 3.0.stable20

  • Squid-cache Squid 3.0.stable21

  • Squid-cache Squid 3.0.stable22

  • Squid-cache Squid 3.0.stable23

  • Squid-cache Squid 3.0.stable24

  • Squid-cache Squid 3.0.stable25

  • Squid-cache Squid 3.0.stable3

  • Squid-cache Squid 3.0.stable4

  • Squid-cache Squid 3.0.stable5

  • Squid-cache Squid 3.0.stable6

  • Squid-cache Squid 3.0.stable7

  • Squid-cache Squid 3.0.stable8

  • Squid-cache Squid 3.0.stable9

  • Squid-cache Squid 3.1

  • Squid-cache Squid 3.1.0.1

  • Squid-cache Squid 3.1.0.10

  • Squid-cache Squid 3.1.0.11

  • Squid-cache Squid 3.1.0.12

  • Squid-cache Squid 3.1.0.13

  • Squid-cache Squid 3.1.0.14

  • Squid-cache Squid 3.1.0.15

  • Squid-cache Squid 3.1.0.16

  • Squid-cache Squid 3.1.0.17

  • Squid-cache Squid 3.1.0.18

  • Squid-cache Squid 3.1.0.2

  • Squid-cache Squid 3.1.0.3

  • Squid-cache Squid 3.1.0.4

  • Squid-cache Squid 3.1.0.5

  • Squid-cache Squid 3.1.0.6

  • Squid-cache Squid 3.1.0.7

  • Squid-cache Squid 3.1.0.8

  • Squid-cache Squid 3.1.0.9

  • Squid-cache Squid 3.1.1

  • Squid-cache Squid 3.1.10

  • Squid-cache Squid 3.1.11

  • Squid-cache Squid 3.1.12

  • Squid-cache Squid 3.1.13

  • Squid-cache Squid 3.1.14

  • Squid-cache Squid 3.1.2

  • Squid-cache Squid 3.1.3

  • Squid-cache Squid 3.1.4

  • Squid-cache Squid 3.1.5

  • Squid-cache Squid 3.1.5.1

  • Squid-cache Squid 3.1.6

  • Squid-cache Squid 3.1.7

  • Squid-cache Squid 3.1.8

  • Squid-cache Squid 3.1.9

  • Squid-cache Squid 3.2.0.1

  • Squid-cache Squid 3.2.0.10

  • Squid-cache Squid 3.2.0.2

  • Squid-cache Squid 3.2.0.3

  • Squid-cache Squid 3.2.0.4

  • Squid-cache Squid 3.2.0.5

  • Squid-cache Squid 3.2.0.6

  • Squid-cache Squid 3.2.0.7

  • Squid-cache Squid 3.2.0.8

  • Squid-cache Squid 3.2.0.9


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=734583

CONFIRM - http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch

CONFIRM - http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch

CONFIRM - http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch

CONFIRM - http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch

CONFIRM - http://www.squid-cache.org/Advisories/SQUID-2011_3.txt

BID - 49356

REDHAT - RHSA-2011:1293

OSVDB - 74847

MANDRIVA - MDVSA-2011:150

DEBIAN - DSA-2304

SECTRACK - 1025981

SECUNIA - 46029

SECUNIA - 45965

SECUNIA - 45920

SECUNIA - 45906

SECUNIA - 45805

MLIST - [oss-security] 20110830 Re: CVE-request(?): squid: buffer overflow in Gopher reply parser

MLIST - [oss-security] 20110829 CVE-request(?): squid: buffer overflow in Gopher reply parser

SUSE - SUSE-SU-2011:1019

SUSE - openSUSE-SU-2011:1018

FEDORA - FEDORA-2011-11854


Last Updated: 27 May 2016 10:57:14