Does CVE-2013-4115 affects on Red Hat Enterprise Linux ?
Environment
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
- Squid
Issue
-
When will Red Hat incorporate the following squid advisory into the RHEL6.x
squid
package?
http://www.squid-cache.org/Advisories/SQUID-2013_2.txt -
Does CVE-2013-4115
squid: DoS (crash) due to a buffer overflow when processing overly long DNS names
affects on RHEL 6? -
Does CVE-2013-4115
squid: DoS (crash) due to a buffer overflow when processing overly long DNS names
affects on RHEL 5?
Resolution
-
The versions of
squid
as shipped with Red Hat Enterprise Linux 5 and 6 do contain the vulnerable function, they do not appear to provide a suitable vector to exploit this flaw. -
Refer CVE-2013-4115
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments