CVE-2011-4096

Severity

50%

Complexity

99%

Confidentiality

48%

The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.

The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

squid-cache.org Squid

First reported 13 years ago

2011-11-17 19:55:00

Last updated 8 years ago

2016-11-28 19:07:00

Affected Software

squid-cache.org Squid 3.0

3.0

squid-cache.org Squid 3.0 release candidate 4

3.0

squid-cache.org Squid 3.0.stable1

3.0.stable1

squid-cache.org Squid 3.0.stable2

3.0.stable2

squid-cache.org Squid 3.0.stable3

3.0.stable3

squid-cache.org Squid 3.0.stable4

3.0.stable4

squid-cache.org Squid 3.0.stable5

3.0.stable5

squid-cache.org Squid 3.0.stable6

3.0.stable6

squid-cache.org Squid 3.0.stable7

3.0.stable7

squid-cache.org Squid 3.0.stable8

3.0.stable8

squid-cache.org Squid 3.0.stable9

3.0.stable9

squid-cache.org Squid 3.0.stable10

3.0.stable10

squid-cache.org Squid 3.0.stable11

3.0.stable11

squid-cache.org Squid 3.0.stable11 release candidate 1

3.0.stable11

squid-cache.org Squid 3.0.stable12

3.0.stable12

squid-cache.org Squid 3.0.stable13

3.0.stable13

squid-cache.org Squid 3.0.stable14

3.0.stable14

squid-cache.org Squid 3.0.stable15

3.0.stable15

squid-cache.org Squid 3.0.stable16

3.0.stable16

squid-cache.org Squid 3.0.stable16 release candidate 1

3.0.stable16

squid-cache.org Squid 3.0.stable17

3.0.stable17

squid-cache.org Squid 3.0.stable18

3.0.stable18

squid-cache.org Squid 3.0.stable19

3.0.stable19

squid-cache.org Squid 3.0.stable20

3.0.stable20

squid-cache.org Squid 3.0.stable21

3.0.stable21

squid-cache.org Squid 3.0.stable22

3.0.stable22

squid-cache.org Squid 3.0.stable23

3.0.stable23

squid-cache.org Squid 3.0.stable24

3.0.stable24

squid-cache.org Squid 3.0.stable25

3.0.stable25

squid-cache.org Squid 3.1

3.1

squid-cache.org Squid 3.1.0.1

3.1.0.1

squid-cache.org Squid 3.1.0.2

3.1.0.2

squid-cache.org Squid 3.1.0.3

3.1.0.3

squid-cache.org Squid 3.1.0.4

3.1.0.4

squid-cache.org Squid 3.1.0.5

3.1.0.5

squid-cache.org Squid 3.1.0.6

3.1.0.6

squid-cache.org Squid 3.1.0.7

3.1.0.7

squid-cache.org Squid 3.1.0.8

3.1.0.8

squid-cache.org Squid 3.1.0.9

3.1.0.9

squid-cache.org Squid 3.1.0.10

3.1.0.10

squid-cache.org Squid 3.1.0.11

3.1.0.11

squid-cache.org Squid 3.1.0.12

3.1.0.12

squid-cache.org Squid 3.1.0.13

3.1.0.13

squid-cache.org Squid 3.1.0.14

3.1.0.14

squid-cache.org Squid 3.1.0.15

3.1.0.15

squid-cache.org Squid 3.1.0.16

3.1.0.16

squid-cache.org Squid 3.1.0.17

3.1.0.17

squid-cache.org Squid 3.1.0.18

3.1.0.18

squid-cache.org Squid 3.1.1

3.1.1

squid-cache.org Squid 3.1.2

3.1.2

squid-cache.org Squid 3.1.3

3.1.3

squid-cache.org Squid 3.1.4

3.1.4

squid-cache.org Squid 3.1.5

3.1.5

squid-cache.org Squid 3.1.5.1

3.1.5.1

squid-cache.org Squid 3.1.6

3.1.6

squid-cache.org Squid 3.1.7

3.1.7

squid-cache.org Squid 3.1.8

3.1.8

squid-cache.org Squid 3.1.9

3.1.9

squid-cache.org Squid 3.1.10

3.1.10

squid-cache.org Squid 3.1.11

3.1.11

squid-cache.org Squid 3.1.12

3.1.12

squid-cache.org Squid 3.1.13

3.1.13

squid-cache.org Squid 3.1.14

3.1.14

References

http://bugs.squid-cache.org/show_bug.cgi?id=3237#c12

SUSE-SU-2016:1996

SUSE-SU-2016:2089

46609

Vendor Advisory

47459

MDVSA-2011:193

[oss-security] 20111031 CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record

[oss-security] 20111031 Re: CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record

RHSA-2011:1791

1026265

http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_16.html

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.