Squid@2.4 Security Vulnerabilities and Issues — Squid@2.4 CVE List

Lucene search

Squid-cacheSquid2.4

4 matches found

CVE•added 2016/04/25 2:59 p.m.•138 views

CVE-2016-4051

Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.

8.8CVSS8.8AI score0.05513EPSS

CVE•added 2012/12/20 12:2 p.m.•100 views

CVE-2012-5643

Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authent...

5CVSS8.3AI score0.39326EPSS

CVE•added 2010/02/15 6:30 p.m.•72 views

CVE-2010-0639

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.

5CVSS6.3AI score0.56162EPSS

CVE•added 2010/02/03 6:30 p.m.•67 views

CVE-2010-0308

lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.

4CVSS6.1AI score0.19076EPSS