Search CVE reports


Toggle filters

101 – 109 of 109 results


CVE-2010-2951

Medium priority

Some fixes available 1 of 2

dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via...

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3
Show less packages

CVE-2010-0639

Medium priority

Some fixes available 9 of 13

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid
squid3
Show less packages

CVE-2010-0308

Medium priority

Some fixes available 11 of 14

lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid
squid3
Show less packages

CVE-2009-2855

Low priority

Some fixes available 4 of 7

The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid
squid3
Show less packages

CVE-2009-2622

Medium priority

Some fixes available 1 of 3

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value,"...

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3
Show less packages

CVE-2009-2621

Low priority

Some fixes available 1 of 3

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request...

1 affected package

squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid3
Show less packages

CVE-2009-0801

Low priority
Ignored

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid
squid3
Show less packages

CVE-2009-0478

Medium priority

Some fixes available 1 of 4

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid
squid3
Show less packages

CVE-2007-6239

Low priority
Fixed

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak...

2 affected packages

squid, squid3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
squid
squid3
Show less packages