Squid@2.5 .stable4 Security Vulnerabilities and Issues — Squid@2.5 .stable4 CVE List

Lucene search

SquidSquid2.5 .stable4

10 matches found

CVE•added 2005/01/19 5:0 a.m.•75 views

CVE-2005-0094

Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.

5CVSS6.4AI score0.46134EPSS

CVE•added 2005/04/14 4:0 a.m.•61 views

CVE-2005-0718

Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.

5CVSS6.3AI score0.12597EPSS

CVE•added 2005/01/27 5:0 a.m.•60 views

CVE-2004-0918

The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.

5CVSS6.2AI score0.68742EPSS

CVE•added 2005/01/25 5:0 a.m.•60 views

CVE-2005-0096

Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).

5CVSS6.2AI score0.02283EPSS

CVE•added 2005/02/07 5:0 a.m.•60 views

CVE-2005-0175

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.

5CVSS6.3AI score0.81602EPSS

CVE•added 2005/09/07 6:3 p.m.•58 views

CVE-2005-2796

The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.

5CVSS6.2AI score0.15104EPSS

CVE•added 2005/05/02 4:0 a.m.•53 views

CVE-2005-0446

Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.

5CVSS6.3AI score0.65887EPSS

CVE•added 2005/01/19 5:0 a.m.•52 views

CVE-2005-0095

The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.

5CVSS6.4AI score0.75842EPSS

CVE•added 2005/01/19 5:0 a.m.•47 views

CVE-2005-0097

The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.

5CVSS6.1AI score0.48277EPSS

CVE•added 2005/02/07 5:0 a.m.•46 views

CVE-2005-0174

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names contain...

5CVSS6.3AI score0.85951EPSS