Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-6270

Опубликовано: 12 сент. 2014
Источник: debian
EPSS Низкий

Описание

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
squidfixed4.1-1package
squid3fixed3.4.8-1package
squid3no-dsawheezypackage
squid3no-dsasqueezepackage

Примечания

  • SNMP was not built in squid 2.x

  • https://bugzilla.suse.com/show_bug.cgi?id=895773

  • Upstream commits: http://bazaar.launchpad.net/~squid/squid/trunk/revision/13574

  • http://bazaar.launchpad.net/~squid/squid/trunk/revision/13582

  • http://www.squid-cache.org/Advisories/SQUID-2014_3.txt

EPSS

Процентиль: 92%
0.07988
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2014-6270

ubuntu
почти 11 лет назад

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

redhat логотип

CVE-2014-6270

redhat
почти 11 лет назад

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

nvd логотип

CVE-2014-6270

nvd
почти 11 лет назад

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

github логотип

GHSA-9v4x-8f3c-4hmw

github
около 3 лет назад

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

fstec логотип

BDU:2015-00691

fstec
почти 11 лет назад

Уязвимость программного обеспечения Squid HTTP Proxy Server, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 92%
0.07988
Низкий