Public bug reported: Description Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.
References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3205 https://bugzilla.redhat.com/show_bug.cgi?id=734583 Patch: http://www.squid- cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch ** Affects: squid3 (Ubuntu) Importance: Undecided Assignee: Mahyuddin Susanto (udienz) Status: In Progress ** Changed in: squid3 (Ubuntu) Status: New => In Progress ** Changed in: squid3 (Ubuntu) Assignee: (unassigned) => Mahyuddin Susanto (udienz) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/907690 Title: CVE-2011-3205: DoS (memory corruption and daemon restart) or remote Gopher servers. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/907690/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
