RedhatCVELIST:CVE-2011-3205CVE-2011-3205
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.
References
lists.fedoraproject.org/pipermail/package-announce/2011-September/065534.html
lists.opensuse.org/opensuse-security-announce/2011-09/msg00012.html
lists.opensuse.org/opensuse-security-announce/2011-09/msg00013.html
lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
openwall.com/lists/oss-security/2011/08/29/2
openwall.com/lists/oss-security/2011/08/30/4
openwall.com/lists/oss-security/2011/08/30/8
secunia.com/advisories/45805
secunia.com/advisories/45906
secunia.com/advisories/45920
secunia.com/advisories/45965
secunia.com/advisories/46029
securitytracker.com/id?1025981
www.debian.org/security/2011/dsa-2304
www.mandriva.com/security/advisories?name=MDVSA-2011:150
www.osvdb.org/74847
www.redhat.com/support/errata/RHSA-2011-1293.html
www.securityfocus.com/bid/49356
www.squid-cache.org/Advisories/SQUID-2011_3.txt
www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch
www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch
www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch
www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch
bugzilla.redhat.com/show_bug.cgi?id=734583
Related
