Lucene search
ZdiCVELIST:CVE-2018-1172HistoryMay 16, 2018 - 9:00 p.m.
CVE-2018-1172
2018-05-1621:00:00
CWE-476
zdi
www.cve.org
3
This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck(). A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Was ZDI-CAN-6088.
CNA Affected
[
{
"product": "The Squid Software Foundation Squid",
"vendor": "The Squid Software Foundation",
"versions": [
{
"status": "affected",
"version": "3.5.27-20180318"
}
]
}
]Related
alpinelinux
alpinelinux
CVE-2018-1172
2018-05-16 21:29:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:1365-1)
2021-06-09 00:00:00
Squid DoS Vulnerability (SQUID-2018:3)
2018-05-22 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1122-1)
2021-04-19 00:00:00
debiancve
debiancve
CVE-2018-1172
2018-05-16 21:29:00
osv
osv
CVE-2018-1172
2018-05-16 21:29:00
nessus
nessus
SUSE SLES12 Security Update : squid (SUSE-SU-2018:1122-1)
2018-05-03 00:00:00
Squid 3.1.12.2 <= 3.1.x <= 3.1.23 / 3.2.0.8 <= 3.2.x <= 3.2.14 / 3.3.x / 3.4.x / 3.5.x <= 3.5.27 / 4.x < 4.0.13 Denial of Service Vulnerability (SQUID-2018:3)
2018-12-17 00:00:00
openSUSE Security Update : squid (openSUSE-2018-412)
2018-05-03 00:00:00
zdi
zdi
prion
prion
Null pointer dereference
2018-05-16 21:29:00
cve
cve
CVE-2018-1172
2018-05-16 21:29:00
nvd
nvd
CVE-2018-1172
2018-05-16 21:29:00
ubuntucve
ubuntucve
CVE-2018-1172
2018-05-16 00:00:00
redhatcve
redhatcve
CVE-2018-1172
2018-04-19 09:48:47
checkpoint_advisories
checkpoint_advisories
Squid Proxy Denial of Service (CVE-2018-1172; CVE-2018-1000027)
2018-05-27 00:00:00
amazon
amazon
Medium: squid
2020-09-01 00:40:00
altlinux
altlinux
Security fix for the ALT Linux 8 package squid version 3.5.28-alt1
2019-08-27 00:00:00