CVE-2009-3826
Published: 28 October 2009
Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL.
Priority
Status
Package | Release | Status |
---|---|---|
squidguard Launchpad, Ubuntu, Debian |
dapper |
Released
(1.2.0-7ubuntu0.1)
|
hardy |
Released
(1.2.0-8.2ubuntu2.1)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Released
(1.2.0-8.4ubuntu1.0.9.04.1)
|
|
karmic |
Released
(1.2.0-8.4ubuntu1.0.9.10.1)
|
|
lucid |
Released
(1.2.0-8.4ubuntu1.0.10.04.1)
|
|
upstream |
Released
(1.2.0-9)
|
|
Patches: vendor: http://www.debian.org/security/2010/dsa-2040 |