Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 25 Aug 2010 19:18:32 +1200
From: Amos Jeffries <squid3@...enet.co.nz>
To: oss-security <oss-security@...ts.openwall.com>
CC: "Steven M. Christey" <coley@...us.mitre.org>, 
 Amos Jeffries <amosjeffries@...id-cache.org>,
 Stephen Thorne <stephen@...rne.id.au>
Subject: Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large
 DNS replies with no IPv6 resolver present

Jan Lieskovsky wrote:
> Hi Steve, vendors,
> 
>   Stephen Thorne reported a buffer overread flaw in the way Squid proxy 
> caching server
> processed large DNS replies in cases, when no IPv6 resolver was present.
> A remote attacker could provide DNS reply with large amount of data,
> leading to denial of service (squid server crash).
> 
> Upstream bug report:
>   [1] http://bugs.squid-cache.org/show_bug.cgi?id=3021
> 
> Relevant upstream changeset:
>   [2] http://bazaar.launchpad.net/~squid/squid/3.1/revision/10072
> 

Also for use as needed our patch archive copy:
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10072.patch

> References:
>   [3] http://marc.info/?l=squid-users&m=128263555724981&w=2
>   [4] https://bugzilla.redhat.com/show_bug.cgi?id=626927
>   [5] http://bugs.gentoo.org/show_bug.cgi?id=334263
> 
> Could you allocate CVE id for this issue?
> 
> Amos, Stephen please correct me, if some of [1] and [2] doesn't 
> correspond to:
> 
> "One regression introduced with 3.1.6 when contacting IPv4-only DNS
> resolvers opens a small but exploitable DoS vulnerability."
> 
> issue mentioned in [3].
> 
> Thanks && Regards, Jan.
> -- 
> Jan iankko Lieskovsky / Red Hat Security Response Team

Henrik covered the rest in your bug report [4].

Amos
-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.7
   Beta testers wanted for 3.2.0.1

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ