8.2 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.908 High
EPSS
Percentile
98.8%
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.
lists.opensuse.org/opensuse-security-announce/2011-09/msg00012.html
lists.opensuse.org/opensuse-security-announce/2011-09/msg00013.html
lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
openwall.com/lists/oss-security/2011/08/29/2
openwall.com/lists/oss-security/2011/08/30/4
openwall.com/lists/oss-security/2011/08/30/8
secunia.com/advisories/45805
secunia.com/advisories/45906
secunia.com/advisories/45920
secunia.com/advisories/45965
secunia.com/advisories/46029
securitytracker.com/id?1025981
www.debian.org/security/2011/dsa-2304
www.mandriva.com/security/advisories?name=MDVSA-2011:150
www.osvdb.org/74847
www.redhat.com/support/errata/RHSA-2011-1293.html
www.securityfocus.com/bid/49356
www.squid-cache.org/Advisories/SQUID-2011_3.txt
www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch
www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch
www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch
www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch
bugzilla.redhat.com/show_bug.cgi?id=734583
lists.fedoraproject.org/pipermail/package-announce/2011-September/065534.html