oss-sec mailing list archives
Re: Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present
From: Josh Bressers <bressers () redhat com>
Date: Wed, 25 Aug 2010 10:24:50 -0400 (EDT)
Please use CVE-2010-2951 for this. Thanks. -- JB ----- "Stephen Thorne" <stephen () thorne id au> wrote:
On 2010-08-24, Jan Lieskovsky wrote:Stephen Thorne reported a buffer overread flaw in the way Squidproxy caching serverprocessed large DNS replies in cases, when no IPv6 resolver waspresent.A remote attacker could provide DNS reply with large amount ofdata,leading to denial of service (squid server crash).Those references all look correct, but I have one small niggle, this was not a buffer overread flaw. What actually happens is that if a TCP DNS request is required, a logic error causes a sockopt to be set on the ipv6 resolver fd, which will be fatal if that resolver is not configured. -- Regards, Stephen Thorne Development Engineer Netbox Blue
Current thread:
- CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Jan Lieskovsky (Aug 24)
- Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Stephen Thorne (Aug 24)
- Re: Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Josh Bressers (Aug 25)
- Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Amos Jeffries (Aug 25)
- Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Stephen Thorne (Aug 24)