Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60618
HistoryFeb 03, 2013 - 12:00 a.m.

Squid 'cachemgr.cgi'不完整修复远程拒绝服务漏洞

2013-02-0300:00:00
Root
www.seebug.org
72

0.965 High

EPSS

Percentile

99.5%

JSON

Bugtraq ID:57646
CVE ID: CVE-2013-0189

Squid是一款功能强大的代理服务器和Web缓存服务器。

Squid tools/cachemgr.cc存在多个内存泄露问题,允许远程攻击者通过提交非法Content-Length头,超长POST请求,和特制的验证凭据触发此漏洞,造成应用程序崩溃。此问题是由于未完整修复CVE-2012-5643引起的。
0
Squid 2.x
Squid 3.x
Squid 3.2.x
Squid 3.3.x
厂商解决方案

用户可参考如下厂商提供的安全公告获得补丁信息:
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch
http://www.squid-cache.org/Versions/v3/3.2/changesets/SQUID-2012_1.patch

Related

nessus 24
openvas 22
securityvulns 2
ubuntucve 2
ubuntu 1
cve 3
fedora 6
prion 3
debian 1
debiancve 2
freebsd 1
osv 1
veracode 1
redhat 1
checkpoint_advisories 1
altlinux 1
oraclelinux 1
centos 1
gentoo 1
suse 2
nessus
nessus
Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : squid, squid3 vulnerabilities (USN-1713-1)
2013-01-31 00:00:00
Mandriva Linux Security Advisory : squid (MDVSA-2013:013)
2013-02-21 00:00:00
Debian DSA-2631-1 : squid3 - denial of service
2013-02-25 00:00:00
openvas
openvas
Debian Security Advisory DSA 2631-1 (squid3 - denial of service)
2013-02-24 00:00:00
Fedora Update for squid FEDORA-2013-1616
2013-02-11 00:00:00
Fedora Update for squid FEDORA-2013-1625
2013-02-11 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:013 ] squid
2013-02-24 00:00:00
squid cachemanager DoS
2013-02-24 00:00:00
ubuntucve
ubuntucve
CVE-2013-0189
2013-01-16 00:00:00
CVE-2012-5643
2012-12-20 00:00:00
ubuntu
ubuntu
Squid vulnerabilities
2013-01-31 00:00:00
cve
cve
CVE-2013-0189
2013-02-08 20:55:00
CVE-2012-5643
2012-12-20 12:02:00
CVE-2013-0188
2013-10-04 23:55:00
fedora
fedora
[SECURITY] Fedora 18 Update: squid-3.2.5-2.fc18
2013-02-08 16:55:06
[SECURITY] Fedora 17 Update: squid-3.2.5-2.fc17
2013-02-08 17:02:49
[SECURITY] Fedora 17 Update: squid-3.2.9-1.fc17
2013-04-05 23:00:38
prion
prion
Design/Logic Flaw
2013-02-08 20:55:00
Authentication flaw
2012-12-20 12:02:00
Design/Logic Flaw
2013-10-04 23:55:00
debian
debian
[SECURITY] [DSA 2631-1] squid3 security update
2013-02-24 10:51:43
debiancve
debiancve
CVE-2013-0189
2013-02-08 20:55:00
CVE-2012-5643
2012-12-20 12:02:00
freebsd
freebsd
squid -- denial of service
2012-12-17 00:00:00
osv
osv
squid3 - denial of service
2013-02-24 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:57:14
redhat
redhat
(RHSA-2013:0505) Moderate: squid security and bug fix update
2013-02-21 00:00:00
checkpoint_advisories
checkpoint_advisories
Squid Proxy Cache cachemgr.cgi Resource Exhaustion (CVE-2012-5643)
2012-12-30 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package squid version 3.1.23-alt1
2013-01-28 00:00:00
oraclelinux
oraclelinux
squid security and bug fix update
2013-02-22 00:00:00
centos
centos
squid security update
2013-02-27 19:38:48
gentoo
gentoo
Squid: Multiple vulnerabilities
2013-09-27 00:00:00
suse
suse
Security update for squid3 (important)
2016-08-09 17:12:26
Security update for squid3 (important)
2016-08-16 18:08:55

0.965 High

EPSS

Percentile

99.5%

JSON
Related for SSV:60618
nessus24openvas22securityvulns2ubuntucve2ubuntu1cve3fedora6prion3debian1debiancve2freebsd1osv1veracode1redhat1checkpoint_advisories1altlinux1oraclelinux1centos1gentoo1suse2