QwikSec

Security Database

CVE

CWE

Training

CVE-2016-3947

Published: Apr 7, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14015.patch

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

SUSE-SU-2016:1996

vendor-advisory

x_refsource_SUSE

http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11839.patch

x_refsource_CONFIRM

http://www.squid-cache.org/Advisories/SQUID-2016_3.txt

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10495.patch

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

openSUSE-SU-2016:2081

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2089

vendor-advisory

x_refsource_SUSE

http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13232.patch

x_refsource_CONFIRM

http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12694.patch

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.