Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-3205
HistorySep 06, 2011 - 3:55 p.m.

CVE-2011-3205

2011-09-0615:55:08
[email protected]
web.nvd.nist.gov
6

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.945

Percentile

99.3%

JSON

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.

Affected configurations

Nvd
Node
squid-cachesquidMatch3.0.stable1
OR
squid-cachesquidMatch3.0.stable2
OR
squid-cachesquidMatch3.0.stable3
OR
squid-cachesquidMatch3.0.stable4
OR
squid-cachesquidMatch3.0.stable5
OR
squid-cachesquidMatch3.0.stable6
OR
squid-cachesquidMatch3.0.stable7
OR
squid-cachesquidMatch3.0.stable8
OR
squid-cachesquidMatch3.0.stable9
OR
squid-cachesquidMatch3.0.stable10
OR
squid-cachesquidMatch3.0.stable11
OR
squid-cachesquidMatch3.0.stable11rc1
OR
squid-cachesquidMatch3.0.stable12
OR
squid-cachesquidMatch3.0.stable13
OR
squid-cachesquidMatch3.0.stable14
OR
squid-cachesquidMatch3.0.stable15
OR
squid-cachesquidMatch3.0.stable16
OR
squid-cachesquidMatch3.0.stable16rc1
OR
squid-cachesquidMatch3.0.stable17
OR
squid-cachesquidMatch3.0.stable18
OR
squid-cachesquidMatch3.0.stable19
OR
squid-cachesquidMatch3.0.stable20
OR
squid-cachesquidMatch3.0.stable21
OR
squid-cachesquidMatch3.0.stable22
OR
squid-cachesquidMatch3.0.stable23
OR
squid-cachesquidMatch3.0.stable24
OR
squid-cachesquidMatch3.0.stable25
Node
squid-cachesquidMatch3.1
OR
squid-cachesquidMatch3.1.0.1
OR
squid-cachesquidMatch3.1.0.2
OR
squid-cachesquidMatch3.1.0.3
OR
squid-cachesquidMatch3.1.0.4
OR
squid-cachesquidMatch3.1.0.5
OR
squid-cachesquidMatch3.1.0.6
OR
squid-cachesquidMatch3.1.0.7
OR
squid-cachesquidMatch3.1.0.8
OR
squid-cachesquidMatch3.1.0.9
OR
squid-cachesquidMatch3.1.0.10
OR
squid-cachesquidMatch3.1.0.11
OR
squid-cachesquidMatch3.1.0.12
OR
squid-cachesquidMatch3.1.0.13
OR
squid-cachesquidMatch3.1.0.14
OR
squid-cachesquidMatch3.1.0.15
OR
squid-cachesquidMatch3.1.0.16
OR
squid-cachesquidMatch3.1.0.17
OR
squid-cachesquidMatch3.1.0.18
OR
squid-cachesquidMatch3.1.1
OR
squid-cachesquidMatch3.1.2
OR
squid-cachesquidMatch3.1.3
OR
squid-cachesquidMatch3.1.4
OR
squid-cachesquidMatch3.1.5
OR
squid-cachesquidMatch3.1.5.1
OR
squid-cachesquidMatch3.1.6
OR
squid-cachesquidMatch3.1.7
OR
squid-cachesquidMatch3.1.8
OR
squid-cachesquidMatch3.1.9
OR
squid-cachesquidMatch3.1.10
OR
squid-cachesquidMatch3.1.11
OR
squid-cachesquidMatch3.1.12
OR
squid-cachesquidMatch3.1.13
OR
squid-cachesquidMatch3.1.14
Node
squid-cachesquidMatch3.2.0.1
OR
squid-cachesquidMatch3.2.0.2
OR
squid-cachesquidMatch3.2.0.3
OR
squid-cachesquidMatch3.2.0.4
OR
squid-cachesquidMatch3.2.0.5
OR
squid-cachesquidMatch3.2.0.6
OR
squid-cachesquidMatch3.2.0.7
OR
squid-cachesquidMatch3.2.0.8
OR
squid-cachesquidMatch3.2.0.9
OR
squid-cachesquidMatch3.2.0.10
VendorProductVersionCPE
squid-cachesquid3.0.stable1cpe:2.3:a:squid-cache:squid:3.0.stable1:*:*:*:*:*:*:*
squid-cachesquid3.0.stable2cpe:2.3:a:squid-cache:squid:3.0.stable2:*:*:*:*:*:*:*
squid-cachesquid3.0.stable3cpe:2.3:a:squid-cache:squid:3.0.stable3:*:*:*:*:*:*:*
squid-cachesquid3.0.stable4cpe:2.3:a:squid-cache:squid:3.0.stable4:*:*:*:*:*:*:*
squid-cachesquid3.0.stable5cpe:2.3:a:squid-cache:squid:3.0.stable5:*:*:*:*:*:*:*
squid-cachesquid3.0.stable6cpe:2.3:a:squid-cache:squid:3.0.stable6:*:*:*:*:*:*:*
squid-cachesquid3.0.stable7cpe:2.3:a:squid-cache:squid:3.0.stable7:*:*:*:*:*:*:*
squid-cachesquid3.0.stable8cpe:2.3:a:squid-cache:squid:3.0.stable8:*:*:*:*:*:*:*
squid-cachesquid3.0.stable9cpe:2.3:a:squid-cache:squid:3.0.stable9:*:*:*:*:*:*:*
squid-cachesquid3.0.stable10cpe:2.3:a:squid-cache:squid:3.0.stable10:*:*:*:*:*:*:*
Rows per page:
1-10 of 711

References

Related

nessus 25
prion 1
cve 2
ubuntucve 2
cvelist 2
debiancve 2
openvas 22
oraclelinux 1
veracode 1
checkpoint_advisories 3
altlinux 1
suse 5
debian 3
securityvulns 2
redhat 3
nvd 1
freebsd 1
osv 1
ubuntu 1
gentoo 2
cert 1
nessus
nessus
Mandriva Linux Security Advisory : squid (MDVSA-2011:150)
2011-10-17 00:00:00
Oracle Solaris Third-Party Patch Update : squid (cve_2011_3205_buffer_overflow)
2015-01-19 00:00:00
Squid 3.x < 3.0.STABLE26 / 3.1.15 / 3.2.0.11 Gopher Buffer Overflow
2011-09-16 00:00:00
prion
prion
Buffer overflow
2011-09-06 15:55:00
cve
cve
CVE-2011-3205
2011-09-06 15:55:08
CVE-2005-0094
2005-01-19 05:00:00
ubuntucve
ubuntucve
CVE-2011-3205
2011-09-06 00:00:00
CVE-2005-0094
2005-01-15 00:00:00
cvelist
cvelist
CVE-2011-3205
2011-09-06 15:00:00
CVE-2005-0094
2005-01-19 05:00:00
debiancve
debiancve
CVE-2011-3205
2011-09-06 15:55:08
CVE-2005-0094
2005-01-19 05:00:00
openvas
openvas
Mandriva Update for squid MDVSA-2011:150 (squid)
2011-10-18 00:00:00
Mandriva Update for squid MDVSA-2011:150 (squid)
2011-10-18 00:00:00
RedHat Update for squid RHSA-2011:1293-01
2012-07-09 00:00:00
oraclelinux
oraclelinux
squid security update
2011-09-14 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:05:32
checkpoint_advisories
checkpoint_advisories
Squid Proxy Gopher Response Processing Denial of Service (CVE-2011-3205)
2012-05-14 00:00:00
Squid Proxy Gopher Response Processing Buffer Overflow (CVE-2011-3205)
2011-11-29 00:00:00
Squid Gopher Protocol Handling Buffer Overflow (CVE-2005-0094)
2009-12-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package squid version 3.1.15-alt1
2011-09-07 00:00:00
suse
suse
Security update for squid3 (important)
2011-09-07 17:08:16
VUL-0: CVE-2011-3205: squid: buffer overflow in Gopher reply parser (important)
2011-09-07 17:08:13
remote command execution in squid
2005-02-10 15:13:39
debian
debian
[SECURITY] [DSA 2304-1] squid3 security update
2011-09-11 17:51:59
[SECURITY] [DSA 651-1] New squid packages fix denial of service
2005-01-20 17:06:36
[SECURITY] [DSA 651-1] New squid packages fix denial of service
2005-01-20 17:06:36
securityvulns
securityvulns
squid buffer overflow
2011-09-13 00:00:00
[SECURITY] [DSA 2304-1] squid3 security update
2011-09-13 00:00:00
redhat
redhat
(RHSA-2011:1293) Moderate: squid security update
2011-09-14 00:00:00
(RHSA-2005:061) squid security update
2005-02-11 00:00:00
(RHSA-2005:060) squid security update
2005-02-15 00:00:00
nvd
nvd
CVE-2005-0094
2005-01-15 05:00:00
freebsd
freebsd
squid -- buffer overflow vulnerability in gopherToHTML
2005-01-11 00:00:00
osv
osv
squid - buffer overflow, integer overflow
2005-01-20 00:00:00
ubuntu
ubuntu
Squid vulnerabilities
2005-01-21 00:00:00
gentoo
gentoo
Squid: Multiple vulnerabilities
2005-01-16 00:00:00
Squid: Multiple vulnerabilities
2011-10-26 00:00:00
cert
cert
mod_python vulnerable to information disclosure via crafted URL
2005-02-21 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.945

Percentile

99.3%

JSON
Related for NVD:CVE-2011-3205
nessus25prion1cve2ubuntucve2cvelist2debiancve2openvas22oraclelinux1veracode1checkpoint_advisories3altlinux1suse5debian3securityvulns2redhat3nvd1freebsd1osv1ubuntu1gentoo2cert1