CVE-2014-6270

描述

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

受影響套件(1)

• Debian/squidfrom 0, < 4.1-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-6270