GSD-2011-3205 — Vulnetix

Try Vulnetix Request Demo

GSD-2011-3205 PUBLISHED

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a

Timeline

Sep 6, 2011 CVE Published
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Security Advisory
Mar 31, 2026 Security Advisory
Mar 31, 2026 Security Advisory
Mar 31, 2026 Security Advisory
Mar 31, 2026 Security Advisory

References

RHSA-2011:1293 vendor-advisory
46029 third-party-advisory
45906 third-party-advisory
FEDORA-2011-11854 vendor-advisory
SUSE-SU-2016:1996 vendor-advisory
SUSE-SU-2011:1019 vendor-advisory
1025981 vdb
http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch url
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch url
http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch url
45965 third-party-advisory
45805 third-party-advisory
DSA-2304 vendor-advisory
[oss-security] 20110830 Re: CVE-request(?): squid: buffer overflow in Gopher reply parser mailing-list
http://www.squid-cache.org/Advisories/SQUID-2011_3.txt url
openSUSE-SU-2011:1018 vendor-advisory
[oss-security] 20110829 CVE-request(?): squid: buffer overflow in Gopher reply parser mailing-list
https://bugzilla.redhat.com/show_bug.cgi?id=734583 url
[oss-security] 20110830 Re: CVE-request(?): squid: buffer overflow in Gopher reply parser mailing-list
http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch url

…and 5 more

Open in Interactive Console →