CVE-2009-3826

EUVD-2009-3797
Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
squidguardsquidguard
1.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
squidguard
bookworm
1.6.0-4
fixed
bullseye
1.6.0-2
fixed
sid
1.6.0-6
fixed
trixie
1.6.0-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
squidguard
dapper
Fixed 1.2.0-7ubuntu0.1
released
hardy
Fixed 1.2.0-8.2ubuntu2.1
released
intrepid
ignored
jaunty
Fixed 1.2.0-8.4ubuntu1.0.9.04.1
released
karmic
Fixed 1.2.0-8.4ubuntu1.0.9.10.1
released
lucid
Fixed 1.2.0-8.4ubuntu1.0.10.04.1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://secunia.com/advisories/37107
http://secunia.com/advisories/39679
http://securitytracker.com/id?1023079
http://www.debian.org/security/2010/dsa-2040
http://www.osvdb.org/59164
http://www.securityfocus.com/archive/1/507440/100/0/threaded
http://www.securityfocus.com/bid/36800
http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20091019
http://www.vupen.com/english/advisories/2009/3013
http://www.vupen.com/english/advisories/2010/1043
https://exchange.xforce.ibmcloud.com/vulnerabilities/53922
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://secunia.com/advisories/37107
http://secunia.com/advisories/39679
http://securitytracker.com/id?1023079
http://www.debian.org/security/2010/dsa-2040
http://www.osvdb.org/59164
http://www.securityfocus.com/archive/1/507440/100/0/threaded
http://www.securityfocus.com/bid/36800
http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20091019
http://www.vupen.com/english/advisories/2009/3013
http://www.vupen.com/english/advisories/2010/1043
https://exchange.xforce.ibmcloud.com/vulnerabilities/53922