Squid FTP Directory Parsing Buffer Overflow Vulnerability

A number of remotely exploitable buffer overflow conditions have been reported in how Squid parses FTP directory listings in FTP proxy requests. This condition is only present in configurations that allow proxying of FTP requests.

Successful exploitation of this issue may allow for arbitrary code execution as the Squid process. Additionally, this issue may be exploited to trigger a denial of service condition.


 

Privacy Statement
Copyright 2010, SecurityFocus