oss-sec mailing list archives
Re: CVE-Request: squid pinger remote DoS
From: Marcus Meissner <meissner () suse de>
Date: Tue, 16 Sep 2014 07:17:20 +0200
On Tue, Sep 09, 2014 at 10:53:51AM +0200, Sebastian Krahmer wrote:
Hi I made a fix for squid 3.4.6 and request a CVE for this issue: The pinger code that checks for nodes being alive doesnt properly validate ICMP and ICMPv6 replies, in particular icmp6 types which are used to index into a string array. This could cause crashes when the index is OOB. A patch is available here: https://bugzilla.novell.com/show_bug.cgi?id=891268 I also made some cleanups and error checking on the receive socket. I am not deep into the overall squid architecture so I dont know what happens to squid itself when the pinger sub-process crashes (think SIGPIPE etc). But to me it looks like you can only DoS the pinger sub-system, not the whole squid.
Mitre?Ping? Ciao, Marcus
Current thread:
- CVE-Request: squid pinger remote DoS Sebastian Krahmer (Sep 09)
- Re: CVE-Request: squid pinger remote DoS Marcus Meissner (Sep 15)
- Re: CVE-Request: squid pinger remote DoS cve-assign (Sep 15)
- Re: CVE-Request: squid pinger remote DoS Sebastian Krahmer (Sep 16)
- Re: Re: CVE-Request: squid pinger remote DoS Amos Jeffries (Sep 16)
- Re: CVE-Request: squid pinger remote DoS cve-assign (Sep 21)