CVE-2011-3205

MEDIUM

Description

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.

References

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065534.html

http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html

http://openwall.com/lists/oss-security/2011/08/29/2

http://openwall.com/lists/oss-security/2011/08/30/4

http://openwall.com/lists/oss-security/2011/08/30/8

http://secunia.com/advisories/45805

http://secunia.com/advisories/45906

http://secunia.com/advisories/45920

http://secunia.com/advisories/45965

http://secunia.com/advisories/46029

http://securitytracker.com/id?1025981

http://www.debian.org/security/2011/dsa-2304

http://www.mandriva.com/security/advisories?name=MDVSA-2011:150

http://www.osvdb.org/74847

http://www.redhat.com/support/errata/RHSA-2011-1293.html

http://www.securityfocus.com/bid/49356

http://www.squid-cache.org/Advisories/SQUID-2011_3.txt

http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch

http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch

http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch

http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch

https://bugzilla.redhat.com/show_bug.cgi?id=734583

Details

Source: MITRE

Published: 2011-09-06

Updated: 2016-11-28

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM