Lucene search
Ubuntu.comUB:CVE-2010-2951HistoryOct 12, 2010 - 12:00 a.m.
CVE-2010-2951
2010-10-1200:00:00
ubuntu.com
ubuntu.com
14
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.342 Low
EPSS
Percentile
97.1%
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled,
accesses an invalid socket during an IPv4 TCP DNS query, which allows
remote attackers to cause a denial of service (assertion failure and daemon
exit) via vectors that trigger an IPv4 DNS response with the TC bit set.
Notes
| Author | Note |
|---|---|
| jdstrand | per upstream, 3.1 only |
Related
debiancve
debiancve
CVE-2010-2951
2010-10-12 21:00:00
nessus
nessus
Squid 3.1.6 DNS Reply Denial of Service
2010-08-25 00:00:00
GLSA-201110-24 : Squid: Multiple vulnerabilities
2011-10-27 00:00:00
RHEL 6 : squid (Unpatched Vulnerability)
2024-06-03 00:00:00
openvas
openvas
Squid 3.1.6 'DNS' Reply Remote Buffer Overflow Vulnerability
2010-09-02 00:00:00
Gentoo Security Advisory GLSA 201110-24 (Squid)
2012-02-12 00:00:00
Gentoo Security Advisory GLSA 201110-24 (Squid)
2012-02-12 00:00:00
prion
prion
Design/Logic Flaw
2010-10-12 21:00:00
cvelist
cvelist
CVE-2010-2951
2010-10-12 20:00:00
cve
cve
CVE-2010-2951
2010-10-12 21:00:01
nvd
nvd
CVE-2010-2951
2010-10-12 21:00:01
debian
debian
[BSA-031] Security Update for squid3
2011-03-30 15:16:12
gentoo
gentoo
Squid: Multiple vulnerabilities
2011-10-26 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.342 Low
EPSS
Percentile
97.1%
Related for UB:CVE-2010-2951