oss-sec mailing list archives
CVE request: SQUID-2013:2: buffer overflow in HTTP request handling
From: Raphael Geissert <geissert () debian org>
Date: Thu, 11 Jul 2013 16:53:12 +0200
Hi, Squid has released a security advisory[0]:
Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests.
[0]http://www.squid-cache.org/Advisories/SQUID-2013_2.txt Could a CVE id be assigned please? Thanks in advance. [CC'ing squid's security address so that they can include the id in the advisory once assigned] Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- CVE request: SQUID-2013:2: buffer overflow in HTTP request handling Raphael Geissert (Jul 11)
- Re: CVE request: SQUID-2013:2: buffer overflow in HTTP request handling Kurt Seifried (Jul 11)