Squid 'DNS' Reply Remote Buffer Overflow Vulnerability Network Vulnerability

Summary

Squid is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Squid 3.1.6 is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for details.

References

http://marc.info/?l=squid-users&m=128263555724981&w=2
http://www.squid-cache.org/
https://bugzilla.redhat.com/show_bug.cgi?id=62692
https://www.securityfocus.com/bid/42645

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2951

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

INN buffer overflow
Wireshark BER Dissector Stack Consumption Vulnerability (Win)
VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Linux)
VMCI/HGFS VmWare Code Execution Vulnerability (Linux)
Microsoft Internet Explorer Buffer Overflow Vulnerability - Jul09

Take action and discover your vulnerabilities