Lucene search

K
freebsdFreeBSDC37DE843-488E-11E2-A5C9-0019996BC1F7
HistoryDec 17, 2012 - 12:00 a.m.

squid -- denial of service

2012-12-1700:00:00
vuxml.freebsd.org
9

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.964 High

EPSS

Percentile

99.5%

Squid developers report:

Due to missing input validation Squid cachemgr.cgi tool
is vulnerable to a denial of service attack when processing
specially crafted requests.
This problem allows any client able to reach the
cachemgr.cgi to perform a denial of service attack on the
service host.
The nature of the attack may cause secondary effects
through resource consumption on the host server.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchsquid<ย 2.7.9_4UNKNOWN

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.964 High

EPSS

Percentile

99.5%