FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

squid -- SNMP module denial-of-service vulnerability

Affected packages
squid < 2.5.7
3.0.0 <= squid < 3.0.7

Details

VuXML ID 65e99f52-1c5f-11d9-bc4a-000c41e2cdad
Discovery 2004-09-29
Entry 2004-10-12
Modified 2008-06-28

The Squid-2.5 patches page notes:

If a certain malformed SNMP request is received squid restarts with a Segmentation Fault error.

This only affects squid installations where SNMP is explicitly enabled via "make config". As a workaround, SNMP can be disabled by defining "snmp_port 0" in squid.conf.

Squid security advisory SQUID-2008:1 explains that Squid-3 versions up to and including Squid-3.0.STABLE6 are affected by this error, too.
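As an added example (not part of the VuXML entry or the Squid project), these sh functions check a port version against the two affected ranges listed above and test whether a squid.conf carries the "snmp_port 0" workaround. Assumptions: the function names are hypothetical, port revision and epoch suffixes are stripped before comparing, and whether SNMP was enabled at build time is not inspected.

```shell
#!/bin/sh
# Affected ranges from the entry: squid < 2.5.7, 3.0.0 <= squid < 3.0.7.

# ver_lt A B: succeed if dotted-numeric version A < B.
# Simplification: FreeBSD port suffixes (_REVISION, ,EPOCH) are stripped first.
ver_lt() {
    awk -v a="${1%%[_,]*}" -v b="${2%%[_,]*}" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# version_affected VER: succeed if VER falls inside either affected range.
version_affected() {
    ver_lt "$1" 2.5.7 && return 0
    ver_lt "$1" 3.0.0 && return 1
    ver_lt "$1" 3.0.7
}

# workaround_applied CONF: succeed only if CONF has an uncommented
# "snmp_port 0" and no snmp_port line naming a non-zero port (conservative).
workaround_applied() {
    awk '$1 == "snmp_port" { if ($2 ~ /^0+$/) zero = 1; else nonzero = 1 }
         END { exit !(zero && !nonzero) }' "$1"
}

# assess VER CONF: print one verdict line.
assess() {
    if ! version_affected "$1"; then
        echo "squid-$1: not in an affected range"
    elif workaround_applied "$2"; then
        echo "squid-$1: affected, workaround snmp_port 0 present"
    else
        echo "squid-$1: affected, snmp_port not disabled in $2"
    fi
}

# Constructed sample configs (not from a real host).
conf=$(mktemp)
printf '%s\n' 'http_port 3128' '# snmp_port 0' 'snmp_port 3401' > "$conf"
assess 2.5.6_11 "$conf"
printf '%s\n' 'http_port 3128' 'snmp_port 0' > "$conf"
assess 3.0.6 "$conf"
rm -f "$conf"
```

Call `assess VERSION /path/to/squid.conf` with the installed port version; configuration pulled in from other files is not followed.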

References

CVE Name CVE-2004-0918
URL http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities
URL http://www.squid-cache.org/Advisories/SQUID-2004_3.txt
URL http://www.squid-cache.org/Advisories/SQUID-2008_1.txt
URL http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-SNMP_core_dump