NVD

Id
10622  
Name
CVE-2011-4096  
Description
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-07  
Published
2011-11-17  
Modified Date
2016-11-28  
Seq
2011-4096  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
60026 10622 CVE-2011-4096 http://bugs.squid-cache.org/show_bug.cgi?id=3237#c12  View
60027 10622 CVE-2011-4096 SUSE-SU-2016:1996  View
60028 10622 CVE-2011-4096 SUSE-SU-2016:2089  View
60029 10622 CVE-2011-4096 MDVSA-2011:193  View
60030 10622 CVE-2011-4096 [oss-security] 20111031 CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record  View
60031 10622 CVE-2011-4096 [oss-security] 20111031 Re: CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record  View
60032 10622 CVE-2011-4096 RHSA-2011:1791  View
60033 10622 CVE-2011-4096 1026265  View
60034 10622 CVE-2011-4096 http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_16.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
32745 JVNDB-2011-002985 Squid の idnsGrokReply 関数におけるサービス運用妨害 (デーモンの停止) の脆弱性 Squid の idnsGrokReply 関数は、メモリを適切に解放しないため、サービス運用妨害 (デーモンの停止) 状態となる脆弱性が存在します。 CVE-2011-4096 52003 CVE-2011-4096 10622 5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002985.html 2011-10-17 2011-11-21 View