Lucene search
K

6123 matches found

cve
cve
added 2001/05/07 4:0 a.m.69 views

CVE-2001-0142

CVE-2001-0142 affects squid 2.3 and earlier. The issue is a local symlink/race condition that can cause local users to overwrite arbitrary files via temporary file handling in certain configurations. Impact is described as local privilege/content modification without remote access; CVSS reflects ...

1.2CVSS6.3AI score0.00304EPSS
Exploits0References6Affected Software2
nvd
nvd
added 2001/03/12 5:0 a.m.19 views

CVE-2001-0142

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations...

1.2CVSS6.3AI score0.00304EPSS
Exploits0References6
debian
debian
added 2001/01/25 4:50 p.m.8 views

[SECURITY] [DSA 019-1] New version of squid released

---------------------------------------------------------------------------- Debian Security Advisory DSA-019-1 [email protected] http://www.debian.org/security/ Martin Schulze January 25, 2001 - ---------------------------------------------------------------------------- Package : squid...

5.8AI score
Exploits0
securityvulns
securityvulns
added 2000/10/27 12:0 a.m.35 views

Squid doesn't quote urls in error messages.

Hi, I noticed that Squid 2.3.STABLE4 doesn't quote urls in error messages. For example if a user visits the following url http://www.dotcom.com/ btest/b The user will get an invalid url page with test in bold. Or even more fun with: http://www.somecompany.com/img...

7AI score
Exploits0
securityvulns
securityvulns
added 2000/10/27 12:0 a.m.68 views

Re: Squid doesn't quote urls in error messages.

Hello Lincoln Yeoh, 27.10.00 13:47, you wrote: Squid doesn't quote urls in error messages.; L I noticed that Squid 2.3.STABLE4 doesn't quote urls in error L messages. skip L I haven't really tried it myself, and so I can't confirm if it really works L that's why it's in VULN-DEV ; . I can confirm...

7AI score
Exploits0
securityvulns
securityvulns
added 2000/05/18 12:0 a.m.54 views

Linux news 18.05.00

Linux 2.2.16pre3 Вышла новая pre-версия следующего стабильного ядра: Linux 2.2.16pre3. Подробнее: http://linuxtoday.com/newsstory.php3?ltsn=2000-05-16-007-04-NW-KN Kernel Traffic 67 Вышел новый обзор Linux Kernel Traffic: 67. Подробнее: http://kt.linuxcare.com/kernel-traffic/kt2000051567print.epl...

7.1AI score
Exploits0
cve
cve
added 2000/01/04 5:0 a.m.96 views

CVE-1999-0710

CVE-1999-0710 affects the Squid proxy (publicly accessible cachemgr.cgi) and allows remote attackers to use it as an intermediary to connect to other systems. OpenVAS/Nessus entries corroborate a public-facing cachemgr.cgi risk across Red Hat, Debian, CentOS, and FreeBSD/OpenBSD ecosystems. The R...

7.5CVSS6.2AI score0.116EPSS
Exploits0References8Affected Software1
cvelist
cvelist
added 2000/01/04 5:0 a.m.26 views

CVE-1999-0710

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems...

6.2AI score0.116EPSS
Exploits0References8
debiancve
debiancve
added 2000/01/04 5:0 a.m.40 views

CVE-1999-0710

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems...

7.5CVSS5.6AI score0.116EPSS
Exploits0
nvd
nvd
added 1999/12/31 5:0 a.m.16 views

CVE-1999-1481

Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair...

5CVSS6.5AI score0.03573EPSS
Exploits1References4
packetstorm
packetstorm
added 1999/11/03 12:0 a.m.29 views

squid.exploit.txt

Holla, since some people asked how to exploit the squid bug, I send a description along. Assumptions: 1. You use plain squid-2.2-STABLE5 or below. Also, external authentification is active using a some external authentication program, which basically follows the implementation guidelines given on...

7.4AI score
Exploits0
exploitdb
exploitdb
added 1999/10/25 12:0 a.m.28 views

National Science Foundation Squid Web Proxy 1.0/1.1/2.1 - Authentication Failure

source: https://www.securityfocus.com/bid/741/info There is a vulnerability present in certain versions of the Squid Web Proxy Cache developed by the National Science Foundation. This problem is only in effect when users of the cache are using an external authenticator. The following is quoted fr...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1999/10/25 12:0 a.m.18 views

National Science Foundation Squid Web Proxy 1.01.12.1 - Authentication Failure

National Science Foundation Squid Web Proxy 1.01.12.1 - Authentication Failure source: https://www.securityfocus.com/bid/741/info There is a vulnerability present in certain versions of the Squid Web Proxy Cache developed by the National Science Foundation. This problem is only in effect when use...

0.2AI score
Exploits0
nessus
nessus
added 1999/08/22 12:0 a.m.66 views

Squid cachemgr.cgi Proxied Port Scanning

RedHat Linux 6.0 installs by default a squid cache manager cgi script with no restricted access permissions. This script could be used to perform a port scan from the cgi-host machine. %NASLMINLEVEL 70300 This script was written by Alexis de Bernis See the Nessus Scripts License for details...

7.5CVSS5.3AI score0.116EPSS
Exploits0References2
osv
osv
added 1999/07/25 4:0 a.m.4 views

CVE-1999-0710

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems...

6.9AI score0.116EPSS
Exploits0References8
osv
osv
added 1999/07/25 4:0 a.m.1 views

DEBIAN-CVE-1999-0710

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems...

7.5CVSS6.9AI score0.116EPSS
Exploits0References1
nvd
nvd
added 1999/07/25 4:0 a.m.24 views

CVE-1999-0710

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems...

7.5CVSS6.3AI score0.116EPSS
Exploits0References8
exploitdb
exploitdb
added 1999/07/23 12:0 a.m.42 views

Squid Web Proxy 2.2 - 'cachemgr.cgi' Unauthorized Connection

source: https://www.securityfocus.com/bid/2059/info The 'cachemgr.cgi' module is a management interface for the Squid proxy service. It was installed by default in '/cgi-bin' by Red Hat Linux 5.2 and 6.0 installed with Squid. This script prompts for a host and port, which it then tries to connect...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1999/07/23 12:0 a.m.19 views

Squid Web Proxy 2.2 - cachemgr.cgi Unauthorized Connection

Squid Web Proxy 2.2 - cachemgr.cgi Unauthorized Connection source: https://www.securityfocus.com/bid/2059/info The 'cachemgr.cgi' module is a management interface for the Squid proxy service. It was installed by default in '/cgi-bin' by Red Hat Linux 5.2 and 6.0 installed with Squid. This script...

0.2AI score
Exploits0
nvd
nvd
added 1998/02/20 5:0 a.m.9 views

CVE-1999-1273

Squid Internet Object Cache 1.1.20 allows users to bypass access control lists ACLs by encoding the URL with hexadecimal escape sequences...

7.5CVSS0.01306EPSS
Exploits1References2
Rows per page
Query Builder