ID SECURITYVULNS:VULN:1885
Type securityvulns
Reporter BUGTRAQ
Modified 2002-03-26T00:00:00
Description
Server can crash on malformed sompresses DNS reply.
{"id": "SECURITYVULNS:VULN:1885", "bulletinFamily": "software", "title": "squid DNS DoS", "description": "Server can crash on malformed sompresses DNS reply.", "published": "2002-03-26T00:00:00", "modified": "2002-03-26T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:1885", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:2677"], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:09:16", "edition": 1, "viewCount": 0, "enchantments": {"score": {"value": 2.7, "vector": "NONE", "modified": "2018-08-31T11:09:16", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["EULEROS_SA-2020-1498.NASL", "EULEROS_SA-2020-1457.NASL", "EULEROS_SA-2020-1496.NASL", "EULEROS_SA-2020-1477.NASL", "EULEROS_SA-2020-1491.NASL", "EULEROS_SA-2020-1494.NASL", "EULEROS_SA-2020-1483.NASL", "EULEROS_SA-2020-1489.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220201494", "OPENVAS:1361412562311220201489", "OPENVAS:1361412562311220201457", "OPENVAS:1361412562311220201446", "OPENVAS:1361412562311220201477", "OPENVAS:1361412562311220201400", "OPENVAS:1361412562311220201491", "OPENVAS:1361412562311220201476", "OPENVAS:1361412562311220201430", "OPENVAS:1361412562311220201473"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:2677"]}], "modified": "2018-08-31T11:09:16", "rev": 2}, "vulnersScore": 2.7}, "affectedSoftware": [{"name": "squid", "operator": "eq", "version": "2.4"}, {"name": "Squid", "operator": "eq", "version": "2.6"}, {"name": "squid", "operator": "eq", "version": "2.5"}, {"name": "squid", "operator": "eq", "version": "2.3"}]}
{"rst": [{"lastseen": "2021-02-27T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **34[.]233.136.71** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **10**.\n First seen: 2021-02-18T03:00:00, Last seen: 2021-02-27T03:00:00.\n IOC tags: **generic**.\nASN 14618: (First IP 34.224.0.0, Last IP 34.239.255.255).\nASN Name \"AMAZONAES\" and Organisation \"Amazoncom Inc\".\nThis IP is a part of \"**amazon_cloud_ec2**\" address pools.\nASN hosts 12218505 domains.\nGEO IP information: City \"\", Country \"United States\".\nIOC could be a **False Positive** (Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-18T00:00:00", "id": "RST:9ABC25CA-1885-3022-A0FC-BB7EC062C12A", "href": "", "published": "2021-02-28T00:00:00", "title": "RST Threat feed. IOC: 34.233.136.71", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-27T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **60[.]246.173.141** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **37**.\n First seen: 2021-02-18T03:00:00, Last seen: 2021-02-27T03:00:00.\n IOC tags: **generic**.\nASN 4609: (First IP 60.246.0.0, Last IP 60.246.255.255).\nASN Name \"CTMMO\" and Organisation \"Companhia de Telecomunicacoes de Macau SARL\".\nASN hosts 1596 domains.\nGEO IP information: City \"Macao\", Country \"Macao\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-18T00:00:00", "id": "RST:B061E21A-1885-3223-8AF3-563CB09834CE", "href": "", "published": "2021-02-28T00:00:00", "title": "RST Threat feed. IOC: 60.246.173.141", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-25T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **russianperos[.]duckdns.org** in [RST Threat Feed](https://rstcloud.net/profeed) with score **3**.\n First seen: 2020-01-02T03:00:00, Last seen: 2021-02-25T03:00:00.\n IOC tags: **malware**.\nDomain has DNS A records: 192[.]169.69.25\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-01-02T00:00:00", "id": "RST:C2B6F01A-1885-3D6A-9F5D-D1D77D9DF9E4", "href": "", "published": "2021-02-26T00:00:00", "title": "RST Threat feed. IOC: russianperos.duckdns.org", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-17T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **fts[.]pool-pay.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2021-01-17T03:00:00, Last seen: 2021-01-17T03:00:00.\n IOC tags: **cryptomining**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-17T00:00:00", "id": "RST:8A76B586-1885-3A51-9A6F-2E9564E7EC40", "href": "", "published": "2021-02-24T00:00:00", "title": "RST Threat feed. IOC: fts.pool-pay.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-17T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **1885[.]btcc.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-08-04T03:00:00, Last seen: 2021-01-17T03:00:00.\n IOC tags: **cryptomining**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-08-04T00:00:00", "id": "RST:CE5AD3CC-731C-3FF5-88CB-81761C1A59DD", "href": "", "published": "2021-02-24T00:00:00", "title": "RST Threat feed. IOC: 1885.btcc.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 chat21.api.binance.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **48**.\n First seen: 2021-02-23T03:00:00, Last seen: 2021-02-23T03:00:00.\n IOC tags: **cryptomining**.\nDomain has DNS A records: 54[.]95.212.255,54.250.4.108\nWhois:\n Created: 2017-04-01 16:48:33, \n Registrar: unknown, \n Registrant: MarkMonitor Inc.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-23T00:00:00", "id": "RST:B50C3A53-1885-3BDD-A35D-C746934E0496", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 chat21.api.binance.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **knuckleupp[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2019-12-15T03:00:00, Last seen: 2021-02-20T03:00:00.\n IOC tags: **spam**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:65A27A3A-1885-310C-90EF-87C77D92A3E5", "href": "", "published": "2021-02-21T00:00:00", "title": "RST Threat feed. IOC: knuckleupp.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-19T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **whatsapgrup[.]pointdns2.xyz** in [RST Threat Feed](https://rstcloud.net/profeed) with score **61**.\n First seen: 2021-02-19T03:00:00, Last seen: 2021-02-19T03:00:00.\n IOC tags: **phishing**.\nDomain has DNS A records: 66[.]42.52.177\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-19T00:00:00", "id": "RST:BEE727D2-1885-342B-B0F6-E4F21F64C0C6", "href": "", "published": "2021-02-19T00:00:00", "title": "RST Threat feed. IOC: whatsapgrup.pointdns2.xyz", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **pc-scan-1885[.]win** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-02-14T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:E55B8332-9165-3B95-9999-B03CCF29D51A", "href": "", "published": "2021-02-15T00:00:00", "title": "RST Threat feed. IOC: pc-scan-1885.win", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **ansius[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2019-12-17T03:00:00, Last seen: 2021-02-14T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-17T00:00:00", "id": "RST:12DDD5C0-1885-3E5A-B89D-6279BEF2269B", "href": "", "published": "2021-02-15T00:00:00", "title": "RST Threat feed. IOC: ansius.com", "type": "rst", "cvss": {}}]}
