CVE-2011-4096 — Squid vulnerability

CWE-39911 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

62.5%

top 1.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Squid-cache Squid

Timeline

PublishedNov 17

Latest updateMay 17

Description

The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDsquid-cache/squid3.1.15+60

🔴Vulnerability Details

GHSA

GHSA-g3fq-pgcr-r7w6: The idnsGrokReply function in Squid before 3↗2022-05-17

▶

CVEList

CVE-2011-4096: The idnsGrokReply function in Squid before 3↗2011-11-17

▶

💥Exploits & PoCs

Exploit-DB

Apache mod_proxy - Reverse Proxy Exposure↗2011-10-11

▶

Exploit-DB

pkexec - Race Condition Privilege Escalation↗2011-10-08

▶

📋Vendor Advisories

Red Hat

squid: Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record↗2011-06-06

▶

💬Community

Bugzilla

CVE-2011-4096 squid: Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record↗2011-10-31

▶

Bugzilla

CVE-2011-4096 squid: Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record [fedora-all]↗2011-10-31

▶

Bugzilla

CVE-2011-3205 squid: buffer overflow flaw in Squid's Gopher reply parser (SQUID-2011:3)↗2011-08-30

▶

Bugzilla

CVE-2011-2916 freenx-client: qtnx stores configuration, including non-default authentication key, with insecure permissions↗2011-08-11

▶