CVE-2011-3205

N/A Unknown
Published: September 06, 2011 Modified: April 29, 2026
View on NVD

Description

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065534.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00012.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00013.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
Source: secalert@redhat.com
http://openwall.com/lists/oss-security/2011/08/29/2
Source: secalert@redhat.com
http://openwall.com/lists/oss-security/2011/08/30/4
Source: secalert@redhat.com
http://openwall.com/lists/oss-security/2011/08/30/8
Source: secalert@redhat.com
http://secunia.com/advisories/45805
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/45906
Source: secalert@redhat.com
http://secunia.com/advisories/45920
Source: secalert@redhat.com
http://secunia.com/advisories/45965
Source: secalert@redhat.com
http://secunia.com/advisories/46029
Source: secalert@redhat.com
http://securitytracker.com/id?1025981
Source: secalert@redhat.com
http://www.debian.org/security/2011/dsa-2304
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDVSA-2011:150
Source: secalert@redhat.com
http://www.osvdb.org/74847
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2011-1293.html
Source: secalert@redhat.com
http://www.securityfocus.com/bid/49356
Source: secalert@redhat.com
http://www.squid-cache.org/Advisories/SQUID-2011_3.txt
Source: secalert@redhat.com
http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch
Source: secalert@redhat.com
Patch
http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch
Source: secalert@redhat.com
Patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch
Source: secalert@redhat.com
Patch
http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch
Source: secalert@redhat.com
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=734583
Source: secalert@redhat.com
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065534.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00012.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00013.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://openwall.com/lists/oss-security/2011/08/29/2
Source: af854a3a-2127-422b-91ae-364da2661108
http://openwall.com/lists/oss-security/2011/08/30/4
Source: af854a3a-2127-422b-91ae-364da2661108
http://openwall.com/lists/oss-security/2011/08/30/8
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/45805
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/45906
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/45920
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/45965
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/46029
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1025981
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2011/dsa-2304
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2011:150
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/74847
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2011-1293.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/49356
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.squid-cache.org/Advisories/SQUID-2011_3.txt
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.squid-cache.org/Versions/v2/2.HEAD/changesets/12710.patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10363.patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11294.patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=734583
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

50 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
27.5%
98th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

squid-cache