EUVD-2002-0067

Malware in sbrugna...

openSUSE Security Update : squid (openSUSE-SU-2012:0102-1)

This update fixes the following security issues : - 587375: NULL deref via HTCP request CVE-2010-0639 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update squid-5580. The text description of this...

SuSE 11.1 Security Update : squid (SAT Patch Number 5584)

This update fixes the following security issue : - 587375: squid NULL deref via HTCP request CVE-2010-0639 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C...

Fedora 12 : squid-3.1.0.16-6.fc12 (2010-3064)

Denial of service issue in HTCP processing SQUID-2010:2 http://www.squid- cache.org/Advisories/SQUID-20102.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...

Squid Proxy HTCP Packet Processing Denial of Service (CVE-2010-0639)

The Squid proxy server is a popular open source, Internet proxy and web caching application. It supports various network protocols such as HTTP, FTP, SSL, DNS, and HTCP. A denial of service vulnerability has been reported in Squid Proxy. The vulnerability is due to a NULL pointer dereference when...

Squid < 3.0.STABLE24 / 2.7.STABLE8 / 2.6.STABLE24

According to its banner, the version of the Squid proxy caching server installed on the remote host is older than 3.0.STABLE24 / 2.7.STABLE8 / 2.6.STABLE24. Such versions de-reference a NULL pointer while handling certain Hypertext Caching Protocol HTCP requests. This mishandling can be abused by...

Mandriva Update for squid MDVSA-2010:060 (squid)

Check for the Version of squid OpenVAS Vulnerability Test Mandriva Update for squid MDVSA-2010:060 squid Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for squid FEDORA-2010-3064

Check for the Version of squid OpenVAS Vulnerability Test Fedora Update for squid FEDORA-2010-3064 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Ubuntu Update for squid vulnerability USN-904-1

Ubuntu Update for Linux kernel vulnerabilities USN-904-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9041.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for squid vulnerability USN-904-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Squid Web代理缓存HTCP请求远程拒绝服务漏洞

BUGTRAQ ID: 38212 CVE ID: CVE-2010-0639 Squid是一个高效的Web缓存及代理程序，最初是为Unix平台开发的，现在也被移植到Linux和大多数的Unix类系统中，最新的Squid可以运行在Windows平台下。 远程攻击者可以通过向Squid的HTCP端口发送畸形报文触发空指针引用，导致Squid崩溃。 Squid Web Proxy Cache 3.0 Squid Web Proxy Cache 2.x 临时解决方法： 如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁： 对于Squid-2.x 明确配置htcpport...

squid proxy server DoS

Crash on HTCP packets processing...

Squid HTCP Packets Processing DoS Vulnerability (SQUID-2010:2)

Squid is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:squid-cache:squid";...

Null pointer dereference

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via crafted packets to the HTCP port...

DEBIAN-CVE-2010-0639

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via crafted packets to the HTCP port...

CVE-2010-0639

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via crafted packets to the HTCP port...

CVE-2010-0639

CVE-2010-0639 affects Squid where the function htcpHandleTstRequest in htcp.c (and htcp.cc for 3.0) can be triggered by crafting HTCP packets to the HTCP port, causing a NULL pointer dereference and a daemon crash (DoS). It affects Squid 2.x prior to 2.6.STABLE24 and 2.7 prior to 2.7.STABLE8, and...

CVE-2010-0639

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via crafted packets to the HTCP port...

Squid < 3.0STABLE24 HTCP Request Denial of Service

Binary data 801037.prm...

Squid < 3.0.STABLE24 HTCP Request DoS

Binary data 5340.prm...

Mandrake Linux Security Advisory : squid (MDKSA-2002:016-1)

Three security issues were found in the 2.x versions of the Squid proxy server up to and including 2.4.STABLE3. The first is a memory leak in the optional SNMP interface to Squid which could allow a malicious user who can send packets to the Squid SNMP port to possibly perform a Denial of Service...