6.8

CVE-2011-3205

EPSS 76.04%
Veröffentlicht 06.09.2011 15:55:08
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response.  NOTE: This issue exists because of a CVE-2005-0094 regression.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 28

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Squid-cache ≫ Squid Version3.0.stable1

Squid-cache ≫ Squid Version3.0.stable2

Squid-cache ≫ Squid Version3.0.stable3

Squid-cache ≫ Squid Version3.0.stable4

Squid-cache ≫ Squid Version3.0.stable5

Squid-cache ≫ Squid Version3.0.stable6

Squid-cache ≫ Squid Version3.0.stable7

Squid-cache ≫ Squid Version3.0.stable8

Squid-cache ≫ Squid Version3.0.stable9

Squid-cache ≫ Squid Version3.0.stable10

Squid-cache ≫ Squid Version3.0.stable11

Squid-cache ≫ Squid Version3.0.stable11 Updaterc1

Squid-cache ≫ Squid Version3.0.stable12

Squid-cache ≫ Squid Version3.0.stable13

Squid-cache ≫ Squid Version3.0.stable14

Squid-cache ≫ Squid Version3.0.stable15

Squid-cache ≫ Squid Version3.0.stable16

Squid-cache ≫ Squid Version3.0.stable16 Updaterc1

Squid-cache ≫ Squid Version3.0.stable17

Squid-cache ≫ Squid Version3.0.stable18

Squid-cache ≫ Squid Version3.0.stable19

Squid-cache ≫ Squid Version3.0.stable20

Squid-cache ≫ Squid Version3.0.stable21

Squid-cache ≫ Squid Version3.0.stable22

Squid-cache ≫ Squid Version3.0.stable23

Squid-cache ≫ Squid Version3.0.stable24

Squid-cache ≫ Squid Version3.0.stable25

Squid-cache ≫ Squid Version3.1

Squid-cache ≫ Squid Version3.1.0.1

Squid-cache ≫ Squid Version3.1.0.2

Squid-cache ≫ Squid Version3.1.0.3

Squid-cache ≫ Squid Version3.1.0.4

Squid-cache ≫ Squid Version3.1.0.5

Squid-cache ≫ Squid Version3.1.0.6

Squid-cache ≫ Squid Version3.1.0.7

Squid-cache ≫ Squid Version3.1.0.8

Squid-cache ≫ Squid Version3.1.0.9

Squid-cache ≫ Squid Version3.1.0.10

Squid-cache ≫ Squid Version3.1.0.11

Squid-cache ≫ Squid Version3.1.0.12

Squid-cache ≫ Squid Version3.1.0.13

Squid-cache ≫ Squid Version3.1.0.14

Squid-cache ≫ Squid Version3.1.0.15

Squid-cache ≫ Squid Version3.1.0.16

Squid-cache ≫ Squid Version3.1.0.17

Squid-cache ≫ Squid Version3.1.0.18

Squid-cache ≫ Squid Version3.1.1

Squid-cache ≫ Squid Version3.1.2

Squid-cache ≫ Squid Version3.1.3

Squid-cache ≫ Squid Version3.1.4

Squid-cache ≫ Squid Version3.1.5

Squid-cache ≫ Squid Version3.1.5.1

Squid-cache ≫ Squid Version3.1.6

Squid-cache ≫ Squid Version3.1.7

Squid-cache ≫ Squid Version3.1.8

Squid-cache ≫ Squid Version3.1.9

Squid-cache ≫ Squid Version3.1.10

Squid-cache ≫ Squid Version3.1.11

Squid-cache ≫ Squid Version3.1.12

Squid-cache ≫ Squid Version3.1.13

Squid-cache ≫ Squid Version3.1.14

Squid-cache ≫ Squid Version3.2.0.1

Squid-cache ≫ Squid Version3.2.0.2

Squid-cache ≫ Squid Version3.2.0.3

Squid-cache ≫ Squid Version3.2.0.4

Squid-cache ≫ Squid Version3.2.0.5

Squid-cache ≫ Squid Version3.2.0.6

Squid-cache ≫ Squid Version3.2.0.7

Squid-cache ≫ Squid Version3.2.0.8

Squid-cache ≫ Squid Version3.2.0.9

Squid-cache ≫ Squid Version3.2.0.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	76.04%	0.989

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065534.html

http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html

http://openwall.com/lists/oss-security/2011/08/29/2

http://openwall.com/lists/oss-security/2011/08/30/4

http://openwall.com/lists/oss-security/2011/08/30/8

http://secunia.com/advisories/45805

Vendor Advisory

http://secunia.com/advisories/45906

http://secunia.com/advisories/45920

http://secunia.com/advisories/45965

http://secunia.com/advisories/46029

http://securitytracker.com/id?1025981

http://www.debian.org/security/2011/dsa-2304

http://www.mandriva.com/security/advisories?name=MDVSA-2011:150

http://www.osvdb.org/74847

http://www.redhat.com/support/errata/RHSA-2011-1293.html

http://www.securityfocus.com/bid/49356

http://www.squid-cache.org/Advisories/SQUID-2011_3.txt

http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch

Patch

http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch

Patch

http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch

Patch

http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=734583

Patch

https://nvd.nist.gov/vuln/detail/CVE-2011-3205

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-3205

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-3205

EUVD