Squid@3.2.11 Security Vulnerabilities and Issues — Squid@3.2.11 CVE List

Lucene search

Squid-cacheSquid3.2.11

5 matches found

CVE•added 2014/09/12 2:55 p.m.•97 views

CVE-2014-6270

Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow.

6.8CVSS8.4AI score0.19915EPSS

CVE•added 2014/11/26 3:59 p.m.•75 views

CVE-2014-7142

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

6.4CVSS8.1AI score0.64227EPSS

CVE•added 2014/09/11 6:55 p.m.•73 views

CVE-2014-3609

HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values."

5CVSS6.2AI score0.84085EPSS

CVE•added 2014/11/26 3:59 p.m.•72 views

CVE-2014-7141

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

6.4CVSS8.1AI score0.77333EPSS

CVE•added 2014/04/14 3:9 p.m.•71 views

CVE-2014-0128

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management.

5CVSS8AI score0.54968EPSS