Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-3205
HistorySep 06, 2011 - 3:55 p.m.

CVE-2011-3205

2011-09-0615:55:08
[email protected]
web.nvd.nist.gov
136
cve-2011-3205
buffer overflow
gophertohtml
gopher reply parser
squid 3.0
squid 3.1
squid 3.2
denial of service
memory corruption
daemon restart

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.1 High

AI Score

Confidence

High

0.948 High

EPSS

Percentile

99.3%

JSON

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.

Affected configurations

NVD
Node
squid-cachesquidMatch3.0.stable1
OR
squid-cachesquidMatch3.0.stable2
OR
squid-cachesquidMatch3.0.stable3
OR
squid-cachesquidMatch3.0.stable4
OR
squid-cachesquidMatch3.0.stable5
OR
squid-cachesquidMatch3.0.stable6
OR
squid-cachesquidMatch3.0.stable7
OR
squid-cachesquidMatch3.0.stable8
OR
squid-cachesquidMatch3.0.stable9
OR
squid-cachesquidMatch3.0.stable10
OR
squid-cachesquidMatch3.0.stable11
OR
squid-cachesquidMatch3.0.stable11rc1
OR
squid-cachesquidMatch3.0.stable12
OR
squid-cachesquidMatch3.0.stable13
OR
squid-cachesquidMatch3.0.stable14
OR
squid-cachesquidMatch3.0.stable15
OR
squid-cachesquidMatch3.0.stable16
OR
squid-cachesquidMatch3.0.stable16rc1
OR
squid-cachesquidMatch3.0.stable17
OR
squid-cachesquidMatch3.0.stable18
OR
squid-cachesquidMatch3.0.stable19
OR
squid-cachesquidMatch3.0.stable20
OR
squid-cachesquidMatch3.0.stable21
OR
squid-cachesquidMatch3.0.stable22
OR
squid-cachesquidMatch3.0.stable23
OR
squid-cachesquidMatch3.0.stable24
OR
squid-cachesquidMatch3.0.stable25
Node
squid-cachesquidMatch3.1
OR
squid-cachesquidMatch3.1.0.1
OR
squid-cachesquidMatch3.1.0.2
OR
squid-cachesquidMatch3.1.0.3
OR
squid-cachesquidMatch3.1.0.4
OR
squid-cachesquidMatch3.1.0.5
OR
squid-cachesquidMatch3.1.0.6
OR
squid-cachesquidMatch3.1.0.7
OR
squid-cachesquidMatch3.1.0.8
OR
squid-cachesquidMatch3.1.0.9
OR
squid-cachesquidMatch3.1.0.10
OR
squid-cachesquidMatch3.1.0.11
OR
squid-cachesquidMatch3.1.0.12
OR
squid-cachesquidMatch3.1.0.13
OR
squid-cachesquidMatch3.1.0.14
OR
squid-cachesquidMatch3.1.0.15
OR
squid-cachesquidMatch3.1.0.16
OR
squid-cachesquidMatch3.1.0.17
OR
squid-cachesquidMatch3.1.0.18
OR
squid-cachesquidMatch3.1.1
OR
squid-cachesquidMatch3.1.2
OR
squid-cachesquidMatch3.1.3
OR
squid-cachesquidMatch3.1.4
OR
squid-cachesquidMatch3.1.5
OR
squid-cachesquidMatch3.1.5.1
OR
squid-cachesquidMatch3.1.6
OR
squid-cachesquidMatch3.1.7
OR
squid-cachesquidMatch3.1.8
OR
squid-cachesquidMatch3.1.9
OR
squid-cachesquidMatch3.1.10
OR
squid-cachesquidMatch3.1.11
OR
squid-cachesquidMatch3.1.12
OR
squid-cachesquidMatch3.1.13
OR
squid-cachesquidMatch3.1.14
Node
squid-cachesquidMatch3.2.0.1
OR
squid-cachesquidMatch3.2.0.2
OR
squid-cachesquidMatch3.2.0.3
OR
squid-cachesquidMatch3.2.0.4
OR
squid-cachesquidMatch3.2.0.5
OR
squid-cachesquidMatch3.2.0.6
OR
squid-cachesquidMatch3.2.0.7
OR
squid-cachesquidMatch3.2.0.8
OR
squid-cachesquidMatch3.2.0.9
OR
squid-cachesquidMatch3.2.0.10

References

Related

debiancve 2
cvelist 2
ubuntucve 2
nessus 25
prion 1
nvd 2
openvas 22
checkpoint_advisories 3
veracode 1
oraclelinux 1
redhat 3
debian 3
suse 5
securityvulns 2
altlinux 1
cve 1
freebsd 1
osv 1
gentoo 2
ubuntu 1
cert 1
debiancve
debiancve
CVE-2011-3205
2011-09-06 15:55:08
CVE-2005-0094
2005-01-19 05:00:00
cvelist
cvelist
CVE-2011-3205
2011-09-06 15:00:00
CVE-2005-0094
2005-01-19 05:00:00
ubuntucve
ubuntucve
CVE-2011-3205
2011-09-06 00:00:00
CVE-2005-0094
2005-01-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : squid (MDVSA-2011:150)
2011-10-17 00:00:00
Oracle Solaris Third-Party Patch Update : squid (cve_2011_3205_buffer_overflow)
2015-01-19 00:00:00
openSUSE Security Update : squid3 (openSUSE-SU-2011:1018-1)
2014-06-13 00:00:00
prion
prion
Buffer overflow
2011-09-06 15:55:00
nvd
nvd
CVE-2011-3205
2011-09-06 15:55:08
CVE-2005-0094
2005-01-15 05:00:00
openvas
openvas
Mandriva Update for squid MDVSA-2011:150 (squid)
2011-10-18 00:00:00
Mandriva Update for squid MDVSA-2011:150 (squid)
2011-10-18 00:00:00
Squid Gopher Remote Buffer Overflow Vulnerability (SQUID-2011:3)
2011-08-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Squid Proxy Gopher Response Processing Buffer Overflow (CVE-2011-3205)
2011-11-29 00:00:00
Squid Proxy Gopher Response Processing Denial of Service (CVE-2011-3205)
2012-05-14 00:00:00
Squid Gopher Protocol Handling Buffer Overflow (CVE-2005-0094)
2009-12-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:05:32
oraclelinux
oraclelinux
squid security update
2011-09-14 00:00:00
redhat
redhat
(RHSA-2011:1293) Moderate: squid security update
2011-09-14 00:00:00
(RHSA-2005:060) squid security update
2005-02-15 00:00:00
(RHSA-2005:061) squid security update
2005-02-11 00:00:00
debian
debian
[SECURITY] [DSA 2304-1] squid3 security update
2011-09-11 17:51:59
[SECURITY] [DSA 651-1] New squid packages fix denial of service
2005-01-20 17:06:36
[SECURITY] [DSA 651-1] New squid packages fix denial of service
2005-01-20 17:06:36
suse
suse
VUL-0: CVE-2011-3205: squid: buffer overflow in Gopher reply parser (important)
2011-09-07 17:08:13
Security update for squid3 (important)
2011-09-07 17:08:16
remote command execution in squid
2005-02-10 15:13:39
securityvulns
securityvulns
squid buffer overflow
2011-09-13 00:00:00
[SECURITY] [DSA 2304-1] squid3 security update
2011-09-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package squid version 3.1.15-alt1
2011-09-07 00:00:00
cve
cve
CVE-2005-0094
2005-01-19 05:00:00
freebsd
freebsd
squid -- buffer overflow vulnerability in gopherToHTML
2005-01-11 00:00:00
osv
osv
squid - buffer overflow, integer overflow
2005-01-20 00:00:00
gentoo
gentoo
Squid: Multiple vulnerabilities
2011-10-26 00:00:00
Squid: Multiple vulnerabilities
2005-01-16 00:00:00
ubuntu
ubuntu
Squid vulnerabilities
2005-01-21 00:00:00
cert
cert
mod_python vulnerable to information disclosure via crafted URL
2005-02-21 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.1 High

AI Score

Confidence

High

0.948 High

EPSS

Percentile

99.3%

JSON
Related for CVE-2011-3205
debiancve2cvelist2ubuntucve2nessus25prion1nvd2openvas22checkpoint_advisories3veracode1oraclelinux1redhat3debian3suse5securityvulns2altlinux1cve1freebsd1osv1gentoo2ubuntu1cert1