Check Point Advisories

Preemptive Protection against Squid idnsALookup DNS Name Handling Buffer Overflow (CVE-2013-4115)

Check Point Reference: CPAI-2013-2756
Date Published: 25 Aug 2013
Severity: High
Last Updated: Tuesday 01 January, 2013
Source: CVE-2011-3205
Protection Provided by:
Who is Vulnerable? Squid Project Squid 3.2.x prior to 3.2.12
Squid Project Squid 3.3.x prior to 3.3.7
Vulnerability Description A buffer overflow vulnerability exists in Squid proxy.
Vulnerability DetailsThe vulnerability is due to incorrect data validation. A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted request to the Squid proxy. A successful attack attempt could possibly result in the execution of arbitrary code in the security context of the process. An unsuccessful attack will terminate the Squid service creating a denial-of-service condition.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK