Launchpad CVE tracker

CVE 2013-4115

Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.

Related bugs and status

CVE-2013-4115 (Candidate) is related to these bugs:

Bug #1211942: Dropped squid transitional package blocks -proposed migration

Summary				In	Importance	Status
	1211942	Dropped squid transitional package blocks -proposed migration		squid3 (Ubuntu)	High	Fix Released
	1211942	Dropped squid transitional package blocks -proposed migration		squid3 (Ubuntu Saucy)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.squid-cache...
CONFIRM: http://www.squid-cache...
CONFIRM: http://www.squid-cache...
CONFIRM: http://www.squid-cache...
CONFIRM: http://www.squid-cache...
BID: 61111
SECUNIA: 54076
SUSE: openSUSE-SU-2013:1435
SUSE: openSUSE-SU-2013:1436
SUSE: openSUSE-SU-2013:1441
SUSE: openSUSE-SU-2013:1444
SECUNIA: 54834
SECUNIA: 54839
MLIST: [oss-security] 2013071...
SUSE: openSUSE-SU-2013:1443
SUSE: SUSE-SU-2016:1996
SUSE: SUSE-SU-2016:2089
XF: squid-idnsalookup-bo(8...

Launchpad.net

CVE 2013-4115

Related bugs and status

Related bugs

References