Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:MISC:SQUID-PROXY-GOPHER-RP |
|---|---|
Severity |
Major |
Recommended |
No |
Category |
HTTP |
Keywords |
Squid Proxy Gopher Response Processing Buffer Overflow |
Release Date |
2016/02/08 |
Update Number |
2642 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Squid Proxy Gopher Response Processing Buffer Overflow
A buffer overflow vulnerability has exists in the Squid proxy server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.
Affected Products
- Squid-cache squid 3.0.stable1
- Squid-cache squid 3.0.stable10
- Squid-cache squid 3.0.stable11
- Squid-cache squid 3.0.stable12
- Squid-cache squid 3.0.stable13
- Squid-cache squid 3.0.stable14
- Squid-cache squid 3.0.stable15
- Squid-cache squid 3.0.stable16
- Squid-cache squid 3.0.stable17
- Squid-cache squid 3.0.stable18
- Squid-cache squid 3.0.stable19
- Squid-cache squid 3.0.stable2
- Squid-cache squid 3.0.stable20
- Squid-cache squid 3.0.stable21
- Squid-cache squid 3.0.stable22
- Squid-cache squid 3.0.stable23
- Squid-cache squid 3.0.stable24
- Squid-cache squid 3.0.stable25
- Squid-cache squid 3.0.stable3
- Squid-cache squid 3.0.stable4
- Squid-cache squid 3.0.stable5
- Squid-cache squid 3.0.stable6
- Squid-cache squid 3.0.stable7
- Squid-cache squid 3.0.stable8
- Squid-cache squid 3.0.stable9
- Squid-cache squid 3.1
- Squid-cache squid 3.1.0.1
- Squid-cache squid 3.1.0.10
- Squid-cache squid 3.1.0.11
- Squid-cache squid 3.1.0.12
- Squid-cache squid 3.1.0.13
- Squid-cache squid 3.1.0.14
- Squid-cache squid 3.1.0.15
- Squid-cache squid 3.1.0.16
- Squid-cache squid 3.1.0.17
- Squid-cache squid 3.1.0.18
- Squid-cache squid 3.1.0.2
- Squid-cache squid 3.1.0.3
- Squid-cache squid 3.1.0.4
- Squid-cache squid 3.1.0.5
- Squid-cache squid 3.1.0.6
- Squid-cache squid 3.1.0.7
- Squid-cache squid 3.1.0.8
- Squid-cache squid 3.1.0.9
- Squid-cache squid 3.1.1
- Squid-cache squid 3.1.10
- Squid-cache squid 3.1.11
- Squid-cache squid 3.1.12
- Squid-cache squid 3.1.13
- Squid-cache squid 3.1.14
- Squid-cache squid 3.1.2
- Squid-cache squid 3.1.3
- Squid-cache squid 3.1.4
- Squid-cache squid 3.1.5
- Squid-cache squid 3.1.5.1
- Squid-cache squid 3.1.6
- Squid-cache squid 3.1.7
- Squid-cache squid 3.1.8
- Squid-cache squid 3.1.9
- Squid-cache squid 3.2.0.1
- Squid-cache squid 3.2.0.10
- Squid-cache squid 3.2.0.2
- Squid-cache squid 3.2.0.3
- Squid-cache squid 3.2.0.4
- Squid-cache squid 3.2.0.5
- Squid-cache squid 3.2.0.6
- Squid-cache squid 3.2.0.7
- Squid-cache squid 3.2.0.8
- Squid-cache squid 3.2.0.9
References
- CVE: CVE-2011-3205