NVD

Id
33810  
Name
CVE-2014-6270  
Description
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-09-12  
Modified Date
2016-12-02  
Seq
2014-6270  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
175404 33810 CVE-2014-6270 SUSE-SU-2016:1996  View
175405 33810 CVE-2014-6270 SUSE-SU-2016:2089  View
175406 33810 CVE-2014-6270 [oss-security] 20140909 CVE-Request: squid snmp off-by-one  View
175407 33810 CVE-2014-6270 [oss-security] 20140909 Re: CVE-Request: squid snmp off-by-one  View
175408 33810 CVE-2014-6270 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html  View
175409 33810 CVE-2014-6270 69686  View
175410 33810 CVE-2014-6270 USN-2921-1  View
175411 33810 CVE-2014-6270 squid-cve20146270-bo(95873)  View
175412 33810 CVE-2014-6270 https://bugzilla.novell.com/show_bug.cgi?id=895773  View
175413 33810 CVE-2014-6270 https://bugzilla.redhat.com/show_bug.cgi?id=1139967  View
175414 33810 CVE-2014-6270 GLSA-201607-01  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
15485 JVNDB-2014-004360 Squid の snmp_core.cc の snmpHandleUdp 関数 におけるサービス運用妨害 (DoS) の脆弱性 Squid の snmp_core.cc の snmpHandleUdp 関数には、SNMP ポートが設定されている場合、一つずれエラー (Off-by-One error) により、サービス運用妨害 (クラッシュ) 状態にされる、または任意のコードを実行される脆弱性が存在します。 CVE-2014-6270 73561 CVE-2014-6270 33810 6.8 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004360.html 2014-09-09 2015-08-31 View