Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Squid Web Proxy Cache Security Vulnerabilities

cve
cve

CVE-2024-25111

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted,...

8.6CVSS

8.1AI Score

0.0004EPSS

2024-03-06 07:15 PM
82
cve
cve

CVE-2024-23638

Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client...

6.5CVSS

6.7AI Score

0.009EPSS

2024-01-24 12:15 AM
58
cve
cve

CVE-2009-0801

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a...

8.3AI Score

0.002EPSS

2022-10-03 04:24 PM
40
cve
cve

CVE-2007-6239

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached...

6.4AI Score

0.179EPSS

2007-12-04 06:46 PM
38
cve
cve

CVE-2004-2654

The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a...

7.1AI Score

0.056EPSS

2006-02-24 11:00 AM
28
cve
cve

CVE-2004-2479

Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error...

5.9AI Score

0.009EPSS

2005-08-21 04:00 AM
27
cve
cve

CVE-2004-2480

Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet...

6.9AI Score

0.012EPSS

2005-08-21 04:00 AM
21
cve
cve

CVE-2004-0918

The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation...

6.2AI Score

0.959EPSS

2005-01-27 05:00 AM
36
cve
cve

CVE-2004-0541

Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass"...

7.7AI Score

0.963EPSS

2004-08-06 04:00 AM
46