Unrated severityNVD Advisory· Published Aug 9, 2013· Updated Jun 16, 2026
CVE-2013-4115
CVE-2013-4115
Description
Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
23cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*
- osv-coords2 versionspkg:rpm/suse/squid3&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/squid3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
< 3.1.23-8.16.30.1+ 1 more
- (no CPE)range: < 3.1.23-8.16.30.1
- (no CPE)range: < 3.1.23-8.16.30.1
Patches
Vulnerability mechanics
References
18- www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9200.patchnvdPatch
- www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10487.patchnvdPatch
- www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11823.patchnvdPatch
- www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12587.patchnvdPatch
- lists.opensuse.org/opensuse-updates/2013-09/msg00024.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2013-09/msg00025.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2013-09/msg00030.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2013-09/msg00032.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2013-09/msg00033.htmlnvdVendor Advisory
- secunia.com/advisories/54076nvdVendor Advisory
- secunia.com/advisories/54834nvdVendor Advisory
- secunia.com/advisories/54839nvdVendor Advisory
- www.squid-cache.org/Advisories/SQUID-2013_2.txtnvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.htmlnvd
- www.openwall.com/lists/oss-security/2013/07/11/8nvd
- www.securityfocus.com/bid/61111nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/85564nvd
News mentions
0No linked articles in our index yet.