Lucene search

MitreCVE-2010-0639

HistoryFeb 15, 2010 - 6:30 p.m.

CVE-2010-0639

2010-02-1518:30:00

mitre

web.nvd.nist.gov

squid

cve-2010-0639

remote attackers

denial of service

crafted packets

htcp port

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.943

Percentile

99.2%

JSON

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.

Affected configurations

Nvd

Node

squid-cachesquidMatch2.0

squid-cachesquidMatch2.1

squid-cachesquidMatch2.2

squid-cachesquidMatch2.3

squid-cachesquidMatch2.4

squid-cachesquidMatch2.5

squid-cachesquidMatch2.6

squid-cachesquidMatch2.7

squid-cachesquidMatch2.7stable3

squid-cachesquidMatch2.7stable4

squid-cachesquidMatch3.0

squid-cachesquidMatch3.0.stable1

squid-cachesquidMatch3.0.stable2

squid-cachesquidMatch3.0.stable3

squid-cachesquidMatch3.0.stable4

squid-cachesquidMatch3.0.stable5

squid-cachesquidMatch3.0.stable6

squid-cachesquidMatch3.0.stable7

squid-cachesquidMatch3.0.stable8

squid-cachesquidMatch3.0.stable9

squid-cachesquidMatch3.0.stable11

squid-cachesquidMatch3.0.stable12

squid-cachesquidMatch3.0.stable13

squid-cachesquidMatch3.0.stable14

squid-cachesquidMatch3.0.stable15

squid-cachesquidMatch3.0.stable16

squid-cachesquidMatch3.0.stable17

squid-cachesquidMatch3.0.stable18

squid-cachesquidMatch3.0.stable19

squid-cachesquidMatch3.0.stable20

squid-cachesquidMatch3.0.stable21

squid-cachesquidMatch3.0.stable22

squid-cachesquidMatch3.0.stable23

VendorProductVersionCPE
squid-cachesquid2.0cpe:2.3:a:squid-cache:squid:2.0:*:*:*:*:*:*:*
squid-cachesquid2.1cpe:2.3:a:squid-cache:squid:2.1:*:*:*:*:*:*:*
squid-cachesquid2.2cpe:2.3:a:squid-cache:squid:2.2:*:*:*:*:*:*:*
squid-cachesquid2.3cpe:2.3:a:squid-cache:squid:2.3:*:*:*:*:*:*:*
squid-cachesquid2.4cpe:2.3:a:squid-cache:squid:2.4:*:*:*:*:*:*:*
squid-cachesquid2.5cpe:2.3:a:squid-cache:squid:2.5:*:*:*:*:*:*:*
squid-cachesquid2.6cpe:2.3:a:squid-cache:squid:2.6:*:*:*:*:*:*:*
squid-cachesquid2.7cpe:2.3:a:squid-cache:squid:2.7:*:*:*:*:*:*:*
squid-cachesquid2.7cpe:2.3:a:squid-cache:squid:2.7:stable3:*:*:*:*:*:*
squid-cachesquid2.7cpe:2.3:a:squid-cache:squid:2.7:stable4:*:*:*:*:*:*

Vendor	Product	Version	CPE
squid-cache	squid	2.0	cpe:2.3:a:squid-cache:squid:2.0:::::::*
squid-cache	squid	2.1	cpe:2.3:a:squid-cache:squid:2.1:::::::*
squid-cache	squid	2.2	cpe:2.3:a:squid-cache:squid:2.2:::::::*
squid-cache	squid	2.3	cpe:2.3:a:squid-cache:squid:2.3:::::::*
squid-cache	squid	2.4	cpe:2.3:a:squid-cache:squid:2.4:::::::*
squid-cache	squid	2.5	cpe:2.3:a:squid-cache:squid:2.5:::::::*
squid-cache	squid	2.6	cpe:2.3:a:squid-cache:squid:2.6:::::::*
squid-cache	squid	2.7	cpe:2.3:a:squid-cache:squid:2.7:::::::*
squid-cache	squid	2.7	cpe:2.3:a:squid-cache:squid:2.7:stable3::::::
squid-cache	squid	2.7	cpe:2.3:a:squid-cache:squid:2.7:stable4::::::