Описание
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.5.12-1ubuntu6 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [3.3.8-1ubuntu6.6]] |
| lucid | ignored | end of life |
| precise | released | 3.1.19-1ubuntu3.12.04.6 |
| trusty | released | 3.3.8-1ubuntu6.6 |
| trusty/esm | DNE | trusty was released [3.3.8-1ubuntu6.6] |
| upstream | released | 3.4.8-1 |
| utopic | ignored | end of life |
| vivid | ignored | end of life |
| vivid/stable-phone-overlay | DNE |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squi ...
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.
Уязвимость программного обеспечения Squid HTTP Proxy Server, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.8 Medium
CVSS2