Squid gopherToHTML() Function Remote Overflow

2005-01-12T17:31:38
ID OSVDB:12887
Type osvdb
Reporter OSVDB
Modified 2005-01-12T17:31:38

Description

Vulnerability Description

A remote overflow exists in Squid. The 'gopherToHTML()' function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request from a malicious gopher server which response with overly long lines, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Robert Collins et al. has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Squid. The 'gopherToHTML()' function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request from a malicious gopher server which response with overly long lines, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor URL: http://www.squid-cache.org/ Vendor Specific Solution URL: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1012883 Secunia Advisory ID:13825 Secunia Advisory ID:13983 Secunia Advisory ID:14484 Secunia Advisory ID:14251 Secunia Advisory ID:14023 Related OSVDB ID: 12886 RedHat RHSA: RHSA-2005:061 Other Advisory URL: http://www.astaro.org/showflat.php?Cat=&Number=56136&page=0&view=collapsed&sb=5&o=&fpart=1#56136 Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000923 Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:014 ISS X-Force ID: 18888 CVE-2005-0094