Oval Definition:	oval:org.mitre.oval:def:15021
Revision Date: 2014-06-23 Version: 20 Title: DSA-2304-1 squid3 -- buffer overflow Description: Ben Hawkes discovered that squid3, a full featured Web Proxy cache, is vulnerable to a buffer overflow when processing gopher server replies. An attacker can exploit this flaw by connecting to a gopher server that returns lines longer than 4096 bytes. This may result in denial of service conditions or the possibly the execution of arbitrary code with rights of the squid daemon. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2011-3205 DSA-2304-1 Platform(s): Debian GNU/kFreeBSD 6.0 Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Product(s): squid3 Definition Synopsis Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND squid3 DPKG is earlier than 3.0.STABLE8-3+lenny5 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND Installed architecture is all AND squid3 DPKG is earlier than 3.1.6-1.2+squeeze1
BACK