Lucene search
UbuntuUSN-601-1HistoryApr 14, 2008 - 12:00 a.m.
Squid vulnerability
2008-04-1400:00:00
ubuntu.com
41
6.4 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.179 Low
EPSS
Percentile
96.1%
Releases
- Ubuntu 7.10
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06
Packages
- squid -
Details
It was discovered that Squid did not perform proper bounds checking when
processing cache update replies. A remote authenticated user may be able
to trigger an assertion error and cause a denial of service. This
vulnerability is due to an incorrect upstream fix for CVE-2007-6239.
(CVE-2008-1612)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 7.10 | noarch | squid | <Β 2.6.14-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 7.10 | noarch | squid-cgi | <Β 2.6.14-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 7.10 | noarch | squidclient | <Β 2.6.14-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 7.04 | noarch | squid | <Β 2.6.5-4ubuntu2.2 | UNKNOWN |
| Ubuntu | 7.04 | noarch | squid-cgi | <Β 2.6.5-4ubuntu2.2 | UNKNOWN |
| Ubuntu | 7.04 | noarch | squidclient | <Β 2.6.5-4ubuntu2.2 | UNKNOWN |
| Ubuntu | 6.10 | noarch | squid | <Β 2.6.1-3ubuntu1.7 | UNKNOWN |
| Ubuntu | 6.10 | noarch | squid-cgi | <Β 2.6.1-3ubuntu1.7 | UNKNOWN |
| Ubuntu | 6.10 | noarch | squidclient | <Β 2.6.1-3ubuntu1.7 | UNKNOWN |
| Ubuntu | 6.06 | noarch | squid | <Β 2.5.12-4ubuntu2.4 | UNKNOWN |
References
Related
openvas
openvas
CentOS Update for squid CESA-2008:0214 centos3 i386
2009-02-27 00:00:00
Debian Security Advisory DSA 1646-2 (squid)
2008-11-01 00:00:00
CentOS Update for squid CESA-2008:0214 centos4 x86_64
2009-02-27 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : squid (MDVSA-2008:134)
2009-04-23 00:00:00
Debian DSA-1646-1 : squid - array bounds check
2008-10-07 00:00:00
Oracle Linux 3 / 4 / 5 : squid (ELSA-2008-0214)
2013-07-12 00:00:00
seebug
seebug
Squid Web代ηηΌεarrayShrink()ε½ζ°θΏη¨ζη»ζε‘ζΌζ΄
2008-04-17 00:00:00
debian
debian
[SECURITY] [DSA-1646-1] New squid packages fix array bounds check
2008-10-07 06:12:02
[SECURITY] [DSA 1646-2] New squid packages fix array bounds check
2008-10-11 06:47:39
[SECURITY] [DSA 1646-2] New squid packages fix array bounds check
2008-10-11 06:46:58
securityvulns
securityvulns
[USN-601-1] Squid vulnerability
2008-04-15 00:00:00
squid proxy server DoS
2007-12-12 00:00:00
squid proxy server DoS
2008-04-15 00:00:00
ubuntucve
ubuntucve
CVE-2008-1612
2008-04-01 00:00:00
CVE-2007-6239
2007-12-04 00:00:00
osv
osv
squid - array bounds check
2008-10-07 00:00:00
squid - programming error
2008-02-05 00:00:00
oraclelinux
oraclelinux
squid security update
2008-04-09 00:00:00
Moderate: squid security update
2007-12-18 00:00:00
debiancve
debiancve
CVE-2008-1612
2008-04-01 17:44:00
CVE-2007-6239
2007-12-04 18:46:00
prion
prion
Code injection
2008-04-01 17:44:00
Memory corruption
2007-12-04 18:46:00
cve
cve
CVE-2008-1612
2008-04-01 17:44:00
CVE-2007-6239
2007-12-04 18:46:00
gentoo
gentoo
Squid: Multiple Denial of Service vulnerabilities
2009-03-24 00:00:00
Squid: Denial of service
2008-01-09 00:00:00
cert
cert
Squid remote denial-of-service vulnerability
2007-12-10 00:00:00
centos
centos
squid security update
2008-01-13 02:19:55
squid security update
2007-12-18 18:09:00
squid security update
2008-04-10 17:05:05
ubuntu
ubuntu
Squid vulnerability
2008-01-09 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: squid-2.6.STABLE16-2.fc7
2007-12-15 19:27:50
[SECURITY] Fedora 8 Update: squid-2.6.STABLE17-1.fc8
2007-12-15 19:27:04
[SECURITY] Fedora 8 Update: squid-2.6.STABLE19-1.fc8
2008-04-29 20:53:41
freebsd
freebsd
Squid -- Denial of Service Vulnerability
2007-11-28 00:00:00
redhat
redhat
(RHSA-2007:1130) Moderate: squid security update
2007-12-18 00:00:00
(RHSA-2008:0214) Moderate: squid security update
2008-04-08 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:19:28
Denial Of Service (DoS)
2020-04-10 00:26:20
6.4 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.179 Low
EPSS
Percentile
96.1%
Related for USN-601-1