#VU44754 Input validation error in Squid - CVE-2011-3205


| Updated: 2021-10-04

Vulnerability identifier: #VU44754

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-3205

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Squid
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor: Squid-cache.org

Description

The vulnerability allows remote Gopher servers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Squid: 3.0.stable1 - 3.2.0.10

External links
https://lists.fedoraproject.org/pipermail/package-announce/2011-September/065534.html
https://lists.opensuse.org/opensuse-security-announce/2011-09/msg00012.html
https://lists.opensuse.org/opensuse-security-announce/2011-09/msg00013.html
https://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
https://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
https://openwall.com/lists/oss-security/2011/08/29/2
https://openwall.com/lists/oss-security/2011/08/30/4
https://openwall.com/lists/oss-security/2011/08/30/8
https://secunia.com/advisories/45805
https://secunia.com/advisories/45906
https://secunia.com/advisories/45920
https://secunia.com/advisories/45965
https://secunia.com/advisories/46029
https://securitytracker.com/id?1025981
https://www.debian.org/security/2011/dsa-2304
https://www.mandriva.com/security/advisories?name=MDVSA-2011:150
https://www.osvdb.org/74847
https://www.redhat.com/support/errata/RHSA-2011-1293.html
https://www.securityfocus.com/bid/49356
https://www.squid-cache.org/Advisories/SQUID-2011_3.txt
https://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch
https://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch
https://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch
https://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch
https://bugzilla.redhat.com/show_bug.cgi?id=734583

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


SUSE Linux update for squid3
Input validation error in Squid-cache Squid