CVE-2011-4096
Published: 17 November 2011
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.
Priority
Status
Package | Release | Status |
---|---|---|
squid3 (Launchpad, Ubuntu, Debian) | hardy | Not vulnerable (code not present) |
squid3 | lucid | Not vulnerable (code not present) |
squid3 | maverick | Released (3.1.6-1.1ubuntu1.2) |
squid3 | natty | Released (3.1.11-1ubuntu0.1) |
squid3 | oneiric | Released (3.1.14-1ubuntu0.1) |
squid3 | upstream | Released (3.1.16-1) |

Patches:
vendor: https://rhn.redhat.com/errata/RHSA-2011-1791.html
vendor: http://www.debian.org/security/2012/dsa-2381