HTTP: Squid Proxy Gopher Response Processing Buffer Overflow

A buffer overflow vulnerability has exists in the Squid proxy server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.

Affected Products

Squid-cache squid

References

CVE: CVE-2011-3205

Short Name
HTTP:MISC:SQUID-PROXY-GOPHER-RP
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Buffer CVE-2011-3205 Gopher Overflow Processing Proxy Response Squid
Release Date
02/08/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3650
False Positive
Unknown
Vendors

Squid-cache

CVSS Score

6.8

Found a potential security threat?