Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.29 views

FreeBSD : squid -- buffer overflow in WCCP recvfrom() call (23fb5a04-722b-11d9-9e1e-c296ac722cb3)

According to the Squid Proxy Cache Security Update Advisory SQUID-2005:3, The WCCP recvfrom call accepts more data than will fit in the allocated buffer. An attacker may send a larger-than-normal WCCP message to Squid and overflow this buffer. Severity : The bug is important because it allows...

7.5CVSS5.7AI score0.22152EPSS
Exploits0References5
CERT
CERT
added 2005/02/04 12:0 a.m.50 views

Squid vulnerable to buffer overflow via an overly long WCCP message

Overview The Squid web proxy cache is vulnerable to a buffer overflow when handing overly long web cache communications protocol WCCP messages. Such messages could crash the Squid process and produce a denial of service condition. Description Squid functions as a web proxy and cache application f...

7.5CVSS6.6AI score0.22152EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/01/19 5:0 a.m.26 views

CVE-2005-0095

The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service crash via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCPISEEYOU cache numbers...

6.4AI score0.68776EPSS
Exploits1References16
Debian CVE
Debian CVE
added 2005/01/19 5:0 a.m.20 views

CVE-2005-0095

The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service crash via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCPISEEYOU cache numbers...

5CVSS5.5AI score0.68776EPSS
Exploits1
NVD
NVD
added 2005/01/15 5:0 a.m.20 views

CVE-2005-0095

The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service crash via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCPISEEYOU cache numbers...

5CVSS6.5AI score0.68776EPSS
Exploits1References16
FreeBSD
FreeBSD
added 2005/01/07 12:0 a.m.40 views

squid -- denial of service with forged WCCP messages

The squid patches page notes: WCCPISEEYOU messages contain a 'number of caches' field which should be between 1 and 32. Values outside that range may crash Squid if WCCP is enabled, and if an attacker can spoof UDP packets with the WCCP router's IP address...

5CVSS6.3AI score0.68776EPSS
Exploits1References3
Rows per page
Query Builder