Search CVE reports
131 – 140 of 142 results
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers...
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR)...
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and...
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that...
1 affected package
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
squid | — | — | — | — |
Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.20030911-8 allows attackers in the same domain to gain administrator privileges and modify configuration.
2 affected packages
ecartis, squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
ecartis | — | — | — | — |
squid | — | — | — | — |