Lucene search

[email protected]CVE-2002-0163

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0163

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0163

buffer overflow

squid

dns responses

remote attacks

denial of service

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.306 Low

EPSS

Percentile

97.0%

JSON

Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.

Affected configurations

NVD

Node

squidsquidRange≤2.4_9

CPENameOperatorVersion
squid:squidsquidle2.4_9

CPE	Name	Operator	Version
squid:squid	squid	le	2.4_9

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-017.1.txt

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:19.squid.asc

marc.info/?l=bugtraq&m=101716495023226&w=2

rhn.redhat.com/errata/RHSA-2002-051.html

www.iss.net/security_center/static/8628.php

www.linux-mandrake.com/en/security/2002/MDKSA-2002-027.php

www.securityfocus.com/bid/4363

www.squid-cache.org/Advisories/SQUID-2002_2.txt

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.306 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2002-0163

nessus1 nvd1 cvelist1