Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2011:150 | First vendor Publication | 2011-10-15 |
Vendor | Mandriva | Last vendor Modification | 2011-10-15 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability has been discovered and corrected in squid: Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression (CVE-2011-3205). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:150 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11146 | |||
Oval ID: | oval:org.mitre.oval:def:11146 | ||
Title: | Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses. | ||
Description: | Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0094 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15021 | |||
Oval ID: | oval:org.mitre.oval:def:15021 | ||
Title: | DSA-2304-1 squid3 -- buffer overflow | ||
Description: | Ben Hawkes discovered that squid3, a full featured Web Proxy cache, is vulnerable to a buffer overflow when processing gopher server replies. An attacker can exploit this flaw by connecting to a gopher server that returns lines longer than 4096 bytes. This may result in denial of service conditions or the possibly the execution of arbitrary code with rights of the squid daemon. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2304-1 CVE-2011-3205 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | squid3 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21988 | |||
Oval ID: | oval:org.mitre.oval:def:21988 | ||
Title: | RHSA-2011:1293: squid security update (Moderate) | ||
Description: | Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1293-01 CVE-2011-3205 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | squid |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23528 | |||
Oval ID: | oval:org.mitre.oval:def:23528 | ||
Title: | ELSA-2011:1293: squid security update (Moderate) | ||
Description: | Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1293-01 CVE-2011-3205 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | squid |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27483 | |||
Oval ID: | oval:org.mitre.oval:def:27483 | ||
Title: | DEPRECATED: ELSA-2011-1293 -- squid security update (moderate) | ||
Description: | [7:3.1.10-1.el6_1.1] - Resolves: #735447 - CVE-2011-3205 squid: buffer overflow flaw in Squid's Gopher reply parser | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1293 CVE-2011-3205 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | squid |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-09 | Name : RedHat Update for squid RHSA-2011:1293-01 File : nvt/gb_RHSA-2011_1293-01_squid.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-24 (Squid) File : nvt/glsa_201110_24.nasl |
2011-10-18 | Name : Mandriva Update for squid MDVSA-2011:150 (squid) File : nvt/gb_mandriva_MDVSA_2011_150.nasl |
2011-09-21 | Name : Debian Security Advisory DSA 2304-1 (squid3) File : nvt/deb_2304_1.nasl |
2011-08-30 | Name : Squid Proxy Gopher Remote Buffer Overflow Vulnerability File : nvt/gb_squid_49356.nasl |
2009-10-10 | Name : SLES9: Security update for squid File : nvt/sles9p5013151.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-25 (squid) File : nvt/glsa_200501_25.nasl |
2008-09-04 | Name : FreeBSD Ports: squid File : nvt/freebsd_squid6.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 651-1 (squid) File : nvt/deb_651_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74847 | Squid Gopher Response Parsing Overflow |
12887 | Squid gopherToHTML() Function Remote Overflow A remote overflow exists in Squid. The 'gopherToHTML()' function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request from a malicious gopher server which response with overly long lines, a remote attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Squid Gopher response processing buffer overflow attempt RuleID : 25356 - Revision : 7 - Type : SERVER-OTHER |
2014-01-10 | Squid Gopher protocol handling buffer overflow attempt RuleID : 17432 - Revision : 11 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-09-02 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2089-1.nasl - Type : ACT_GATHER_INFO |
2016-09-02 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1996-1.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_squid_20120118.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_squid3-110902.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_squid3-110902.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-1293.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110914_squid_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_squid3-110902.nasl - Type : ACT_GATHER_INFO |
2011-10-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-24.nasl - Type : ACT_GATHER_INFO |
2011-10-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-150.nasl - Type : ACT_GATHER_INFO |
2011-09-16 | Name : The remote proxy server is affected by a buffer overflow. File : squid_3_2_0_11.nasl - Type : ACT_GATHER_INFO |
2011-09-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1293.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2304.nasl - Type : ACT_GATHER_INFO |
2011-09-09 | Name : The remote Fedora host is missing a security update. File : fedora_2011-11854.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-67-1.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_184ab9e064cd11d99e1ec296ac722cb3.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-060.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-061.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-25.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_006.nasl - Type : ACT_GATHER_INFO |
2005-02-02 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-106.nasl - Type : ACT_GATHER_INFO |
2005-02-02 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-105.nasl - Type : ACT_GATHER_INFO |
2005-01-25 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-014.nasl - Type : ACT_GATHER_INFO |
2005-01-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-651.nasl - Type : ACT_GATHER_INFO |
2005-01-18 | Name : The remote proxy server is affected by multiple vulnerabilities. File : squid_wccp_and_gopher_flaws.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-04-26 22:43:15 |
|
2014-02-17 11:42:29 |
|
2013-05-11 00:48:39 |
|