Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-414-1
HistoryJan 25, 2007 - 12:00 a.m.

Squid vulnerabilities

2007-01-2500:00:00
ubuntu.com
27

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.968 High

EPSS

Percentile

99.7%

JSON

Releases

  • Ubuntu 6.10
  • Ubuntu 6.06

Details

David Duncan Ross Palmer and Henrik Nordstrom discovered that squid
incorrectly handled special characters in FTP URLs. Remote users with
access to squid could crash the server leading to a denial of service.
(CVE-2007-0247)

Erick Dantas Rotole and Henrik Nordstrom discovered that squid could end
up in an endless loop when exhausted of available external ACL helpers.
Remote users with access to squid could cause CPU starvation, possibly
leading to a denial of service. This does not affect a default Ubuntu
installation, since external ACL helpers must be configured and used.
(CVE-2007-0248)

OSVersionArchitecturePackageVersionFilename
Ubuntu6.10noarchsquid< 2.6.1-3ubuntu1.2UNKNOWN
Ubuntu6.06noarchsquid< 2.5.12-4ubuntu2.2UNKNOWN

Related

openvas 11
nessus 9
suse 1
securityvulns 1
gentoo 1
prion 2
ubuntucve 2
cve 2
debiancve 2
checkpoint_advisories 1
fedora 1
openvas
openvas
SLES9: Security update for squid
2009-10-10 00:00:00
Mandriva Update for squid MDKSA-2007:026 (squid)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200701-22 (squid)
2008-09-24 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 6.10 : squid vulnerabilities (USN-414-1)
2007-11-10 00:00:00
GLSA-200701-22 : Squid: Multiple Denial of Service vulnerabilities
2007-01-26 00:00:00
SuSE9 Security Update : squid (YOU Patch Number 11402)
2009-09-24 00:00:00
suse
suse
remote denial of service in squid
2007-01-23 12:13:41
securityvulns
securityvulns
Multiple Squid cache proxy security vulnerability
2007-01-17 00:00:00
gentoo
gentoo
Squid: Multiple Denial of Service vulnerabilities
2007-01-25 00:00:00
prion
prion
Design/Logic Flaw
2007-01-16 18:28:00
Design/Logic Flaw
2007-01-16 18:28:00
ubuntucve
ubuntucve
CVE-2007-0248
2007-01-16 00:00:00
CVE-2007-0247
2007-01-16 00:00:00
cve
cve
CVE-2007-0248
2007-01-16 18:28:00
CVE-2007-0247
2007-01-16 18:28:00
debiancve
debiancve
CVE-2007-0248
2007-01-16 18:28:00
CVE-2007-0247
2007-01-16 18:28:00
checkpoint_advisories
checkpoint_advisories
Squid Proxy FTP URI Processing Denial of Service (CVE-2007-0247)
2009-11-25 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: squid-2.5.STABLE14-3.FC5
2007-01-17 16:32:06

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.968 High

EPSS

Percentile

99.7%

JSON
Related for USN-414-1
openvas11nessus9suse1securityvulns1gentoo1prion2ubuntucve2cve2debiancve2checkpoint_advisories1fedora1