REDHAT-BUG-1139967: Buffer Overflow
First published: Wed Sep 10 2014(Updated: )
Sebastian Krahmer discovered an off-by-one error, leading to a heap-based buffer overflow flaw, in the way Squid handled UDP SNMP requests. An unauthenticated, remote attacker could possibly use this flaw to crash Squid or, potentially, execute arbitrary code. As noted in Sebastian's original report, an SNMP port must be configured. The default configuration of Squid for Red Hat Enterprise Linux 6 and 7 does not include an snmp_port declaration (<a href="http://wiki.squid-cache.org/Features/Snmp">http://wiki.squid-cache.org/Features/Snmp</a>). Patch: <a href="http://bugzillafiles.novell.org/attachment.cgi?id=605545">http://bugzillafiles.novell.org/attachment.cgi?id=605545</a> References: <a href="https://bugzilla.novell.com/show_bug.cgi?id=895773">https://bugzilla.novell.com/show_bug.cgi?id=895773</a> <a href="http://seclists.org/oss-sec/2014/q3/542">http://seclists.org/oss-sec/2014/q3/542</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Squid Web Proxy Cache |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://wiki.squid-cache.org/Features/Snmp
- http://bugzillafiles.novell.org/attachment.cgi?id=605545
- https://bugzilla.novell.com/show_bug.cgi?id=895773
- http://seclists.org/oss-sec/2014/q3/542
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1139968
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1139967#c0
- https://access.redhat.com/security/updates/classification/
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=936923&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=936923&action=edit
- https://bugzilla.novell.com/show_bug.cgi?id=895773#c1
- http://bazaar.launchpad.net/~squid/squid/trunk/revision/13574
- http://bazaar.launchpad.net/~squid/squid/trunk/revision/13582
- http://www.squid-cache.org/Advisories/SQUID-2014_3.txt
- https://access.redhat.com/security/cve/cve-2014-6270
- https://bugzilla.redhat.com/show_bug.cgi?id=1139967
Frequently Asked Questions
What is the severity of REDHAT-BUG-1139967?
The severity of REDHAT-BUG-1139967 is high due to the potential for a heap-based buffer overflow that could allow an attacker to crash Squid or execute arbitrary code.
How do I fix REDHAT-BUG-1139967?
To fix REDHAT-BUG-1139967, it is recommended to update Squid to the latest patched version that addresses the vulnerability.
What does the REDHAT-BUG-1139967 vulnerability affect?
REDHAT-BUG-1139967 affects the Squid Web Proxy Cache software specifically in how it handles UDP SNMP requests.
Can REDHAT-BUG-1139967 be exploited remotely?
Yes, REDHAT-BUG-1139967 can be exploited by an unauthenticated remote attacker.
What type of flaw is associated with REDHAT-BUG-1139967?
REDHAT-BUG-1139967 is associated with an off-by-one error that leads to a heap-based buffer overflow.
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-6270
- agent/type
- agent/first-publish-date
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/squid
- canonical/squid web proxy cache