CVE-2014-6270Improper Restriction of Operations within the Bounds of a Memory Buffer in Squid

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-193Off-by-one Error10 documents8 sources
Severity
6.8MEDIUMNVD
EPSS
18.2%
top 4.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
SquidOracle SolarisSquid-cache Squid
Timeline
PublishedSep 12
Latest updateMay 17

Description

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

Debiansquid/squid< 4.1-1+3
NVDsquid-cache/squid170 versions+169
NVDoracle/solaris11.2

Patches

Patch: seclists.orgPatch: seclists.org

🔴Vulnerability Details

4
GHSA
GHSA-9v4x-8f3c-4hmw: Off-by-one error in the snmpHandleUdp function in snmp_core2022-05-17
OSV
squid3 vulnerabilities2016-03-07
OSV
CVE-2014-6270: Off-by-one error in the snmpHandleUdp function in snmp_core2014-09-12
CVEList
CVE-2014-6270: Off-by-one error in the snmpHandleUdp function in snmp_core2014-09-12

📋Vendor Advisories

3
Ubuntu
Squid vulnerabilities2016-03-07
Red Hat
squid: off-by-one error in snmpHandleUdp() leading to a bss-based buffer overflow (SQUID-2014:3)2014-09-09
Debian
CVE-2014-6270: squid - Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and ...2014

💬Community

2
Bugzilla
CVE-2014-6270 squid: off-by-one error in snmpHandleUdp() leading to a bss-based buffer overflow (SQUID-2014:3)2014-09-10
Bugzilla
CVE-2014-6270 squid: off-by-one error in snmpHandleUdp() leading to a heap-based buffer overflow [fedora-all]2014-09-10
CVE-2014-6270 — Squid-cache Squid vulnerability | cvebase