Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | squidguard | < 1.2.0-9 | squidguard_1.2.0-9_all.deb |
Debian | 11 | all | squidguard | < 1.2.0-9 | squidguard_1.2.0-9_all.deb |
Debian | 10 | all | squidguard | < 1.2.0-9 | squidguard_1.2.0-9_all.deb |
Debian | 999 | all | squidguard | < 1.2.0-9 | squidguard_1.2.0-9_all.deb |
Debian | 13 | all | squidguard | < 1.2.0-9 | squidguard_1.2.0-9_all.deb |