UbuntuUSN-1713-1Squid vulnerabilities
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.964 High
EPSS
Percentile
99.5%
Releases
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 10.04
Packages
- squid - Internet object cache (WWW proxy cache)
- squid3 - Full featured Web Proxy cache (HTTP proxy)
Details
It was discovered that squidโs cachemgr.cgi was vulnerable to excessive
resource use. A remote attacker could exploit this flaw to perform a denial
of service attack on the server and other hosted services. (CVE-2012-5643)
It was discovered that the patch for CVE-2012-5643 was incorrect. A
remote attacker could exploit this flaw to perform a denial of service
attack. (CVE-2013-0189)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.10 | noarch | squid-cgi | <ย 3.1.20-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | squid | <ย 3.1.20-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | squid3 | <ย 3.1.20-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | squid3-dbg | <ย 3.1.20-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | squidclient | <ย 3.1.20-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squid-cgi | <ย 3.1.19-1ubuntu3.12.04.2 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squid | <ย 3.1.19-1ubuntu3.12.04.2 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squid3 | <ย 3.1.19-1ubuntu3.12.04.2 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squid3-dbg | <ย 3.1.19-1ubuntu3.12.04.2 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squidclient | <ย 3.1.19-1ubuntu3.12.04.2 | UNKNOWN |
Related
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.964 High
EPSS
Percentile
99.5%