CVE-2011-3205
PUBLISHED
CVSS 6.8 MEDIUM
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.
EPSS 74.96% · 98.9th percentile
Risk Scores
CVSS 2.0
6.8
EPSS Score
74.96%
98.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a, n/a, n/a |
| squid-cache | squid | 3.0.stable1, 3.0.stable2, 3.0.stable3 |
Exploit Intelligence
- RHSA-2011:1293 (circl)
- 46029 (circl)
- 45906 (circl)
- FEDORA-2011-11854 (circl)
- SUSE-SU-2016:1996 (circl)
- SUSE-SU-2011:1019 (circl)
- 1025981 (circl)
- http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch (circl)
- http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch (circl)
- http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch (circl)
…and 15 more exploits
Timeline
- Sep 6, 2011 CVE Published
- Feb 4, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
- Feb 12, 2024 EPSS Score
References
- RHSA-2011:1293 vendor-advisory
- 46029 third-party-advisory
- 45906 third-party-advisory
- FEDORA-2011-11854 vendor-advisory
- SUSE-SU-2016:1996 vendor-advisory
- SUSE-SU-2011:1019 vendor-advisory
- 1025981 vdb
- http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch url
- http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch url
- http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch url
- 45965 third-party-advisory
- 45805 third-party-advisory
- DSA-2304 vendor-advisory
- [oss-security] 20110830 Re: CVE-request(?): squid: buffer overflow in Gopher reply parser mailing-list
- http://www.squid-cache.org/Advisories/SQUID-2011_3.txt url
- openSUSE-SU-2011:1018 vendor-advisory
- [oss-security] 20110829 CVE-request(?): squid: buffer overflow in Gopher reply parser mailing-list
- https://bugzilla.redhat.com/show_bug.cgi?id=734583 url
- [oss-security] 20110830 Re: CVE-request(?): squid: buffer overflow in Gopher reply parser mailing-list
- http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch url
…and 6 more