Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-901-1
HistoryFeb 16, 2010 - 12:00 a.m.

Squid vulnerabilities

2010-02-1600:00:00
ubuntu.com
27

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.965 High

EPSS

Percentile

99.6%

JSON

Releases

  • Ubuntu 9.10
  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04
  • Ubuntu 6.06

Packages

  • squid -

Details

It was discovered that Squid incorrectly handled certain auth headers. A
remote attacker could exploit this with a specially-crafted auth header
and cause Squid to go into an infinite loop, resulting in a denial of
service. This issue only affected Ubuntu 8.10, 9.04 and 9.10.
(CVE-2009-2855)

It was discovered that Squid incorrectly handled certain DNS packets. A
remote attacker could exploit this with a specially-crafted DNS packet
and cause Squid to crash, resulting in a denial of service. (CVE-2010-0308)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchsquid< 2.7.STABLE6-2ubuntu2.1UNKNOWN
Ubuntu9.10noarchsquid-cgi< 2.7.STABLE6-2ubuntu2.1UNKNOWN
Ubuntu9.04noarchsquid< 2.7.STABLE3-4.1ubuntu1.1UNKNOWN
Ubuntu9.04noarchsquid< cgi-2.7.STABLE3-4.1ubuntu1.1UNKNOWN
Ubuntu8.10noarchsquid< 2.7.STABLE3-1ubuntu2.2UNKNOWN
Ubuntu8.10noarchsquid< cgi-2.7.STABLE3-1ubuntu2.2UNKNOWN
Ubuntu8.04noarchsquid< 2.6.18-1ubuntu3.1UNKNOWN
Ubuntu8.04noarchsquid-cgi< 2.6.18-1ubuntu3.1UNKNOWN
Ubuntu8.04noarchsquidclient< 2.6.18-1ubuntu3.1UNKNOWN
Ubuntu6.06noarchsquid< 2.5.12-4ubuntu2.5UNKNOWN
Rows per page:
1-10 of 121

Related

securityvulns 4
openvas 25
redhat 1
oraclelinux 1
nessus 19
debian 1
osv 1
prion 2
ubuntucve 2
cve 2
debiancve 2
checkpoint_advisories 1
veracode 2
seebug 1
freebsd 1
gentoo 1
securityvulns
securityvulns
squid proxy server DoS
2010-02-04 00:00:00
[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service
2010-02-04 00:00:00
[ MDVSA-2009:241 ] squid
2009-09-23 00:00:00
openvas
openvas
Ubuntu Update for squid vulnerabilities USN-901-1
2010-02-19 00:00:00
RedHat Update for squid RHSA-2010:0221-04
2010-04-06 00:00:00
Debian: Security Advisory (DSA-1991-1)
2010-02-10 00:00:00
redhat
redhat
(RHSA-2010:0221) Low: squid security and bug fix update
2010-03-30 00:00:00
oraclelinux
oraclelinux
squid security and bug fix update
2010-04-05 00:00:00
nessus
nessus
SuSE 10 Security Update : squid (ZYPP Patch Number 6931)
2010-10-11 00:00:00
Scientific Linux Security Update : squid on SL5.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 5 : squid (ELSA-2010-0221)
2023-09-07 00:00:00
debian
debian
[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service
2010-02-04 08:46:53
osv
osv
squid squid3 - denial of service
2010-02-04 00:00:00
prion
prion
Design/Logic Flaw
2010-02-03 18:30:00
Code injection
2009-08-18 21:00:00
ubuntucve
ubuntucve
CVE-2009-2855
2009-08-18 00:00:00
CVE-2010-0308
2010-02-03 00:00:00
cve
cve
CVE-2009-2855
2009-08-18 21:00:00
CVE-2010-0308
2010-02-03 18:30:00
debiancve
debiancve
CVE-2010-0308
2010-02-03 18:30:00
CVE-2009-2855
2009-08-18 21:00:00
checkpoint_advisories
checkpoint_advisories
Squid strListGetItem Denial of Service (CVE-2009-2855)
2010-05-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:47:42
Denial Of Service (DoS)
2020-04-10 00:47:43
seebug
seebug
Squid外部认证头解析器拒绝服务漏洞
2009-08-21 00:00:00
freebsd
freebsd
squid -- Denial of Service vulnerability in DNS handling
2010-01-14 00:00:00
gentoo
gentoo
Squid: Multiple vulnerabilities
2011-10-26 00:00:00

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.965 High

EPSS

Percentile

99.6%

JSON
Related for USN-901-1
securityvulns4openvas25redhat1oraclelinux1nessus19debian1osv1prion2ubuntucve2cve2debiancve2checkpoint_advisories1veracode2seebug1freebsd1gentoo1