Date: Tue, 16 Sep 2014 07:17:20 +0200 From: Marcus Meissner <meissner@...e.de> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Re: CVE-Request: squid pinger remote DoS On Tue, Sep 09, 2014 at 10:53:51AM +0200, Sebastian Krahmer wrote: > Hi > > I made a fix for squid 3.4.6 and request a CVE for > this issue: > > The pinger code that checks for nodes being alive doesnt > properly validate ICMP and ICMPv6 replies, in particular > icmp6 types which are used to index into a string array. > This could cause crashes when the index is OOB. > > A patch is available here: > > https://bugzilla.novell.com/show_bug.cgi?id=891268 > > I also made some cleanups and error checking on the > receive socket. > > I am not deep into the overall squid architecture so > I dont know what happens to squid itself when the > pinger sub-process crashes (think SIGPIPE etc). But to me > it looks like you can only DoS the pinger sub-system, > not the whole squid. Mitre?Ping? Ciao, Marcus
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ