Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 16 Sep 2014 07:17:20 +0200
From: Marcus Meissner <meissner@...e.de>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: Re: CVE-Request: squid pinger remote DoS

On Tue, Sep 09, 2014 at 10:53:51AM +0200, Sebastian Krahmer wrote:
> Hi
> 
> I made a fix for squid 3.4.6 and request a CVE for
> this issue:
> 
> The pinger code that checks for nodes being alive doesnt
> properly validate ICMP and ICMPv6 replies, in particular
> icmp6 types which are used to index into a string array.
> This could cause crashes when the index is OOB.
> 
> A patch is available here:
> 
> https://bugzilla.novell.com/show_bug.cgi?id=891268
> 
> I also made some cleanups and error checking on the
> receive socket.
> 
> I am not deep into the overall squid architecture so
> I dont know what happens to squid itself when the
> pinger sub-process crashes (think SIGPIPE etc). But to me
> it looks like you can only DoS the pinger sub-system,
> not the whole squid.

Mitre?Ping?

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ