Lucene search

K

RedosROS-20240812-07

HistoryAug 12, 2024 - 12:00 a.m.

ROS-20240812-07

2024-08-1200:00:00

redos.red-soft.ru

5

squid

proxy server

vulnerability

resource consumption

http header

exploitation

denial of service

configuration

unix

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

6.7

Confidence

High

Squid proxy server vulnerability is related to uncontrolled resource consumption as a result of filtering
and data reduction to an unsafe value when processing HTTP header length. Exploitation
The vulnerability could allow an attacker acting remotely to cause a denial of service by
request_header_max_size and reply_header_max_size configurations are set to defaults

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64squid< 6.5-1UNKNOWN

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

6.7

Confidence

High

Related for ROS-20240812-07

openvas11 redhat9 nessus24 osv8 prion1 redhatcve1 cve1 cloudlinux1 ubuntucve1 cvelist1 vulnrichment1 veracode1 debiancve1 nvd1 amazon1 oraclelinux3 almalinux2 photon1 ubuntu4 mageia1 debian1