5

CVE-2007-0248

The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SquidSquid Version2.6.stable6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.69% 0.93
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/23767
Patch
Vendor Advisory
http://secunia.com/advisories/23805
http://secunia.com/advisories/23889
http://secunia.com/advisories/23921
http://secunia.com/advisories/23946
http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:026
http://www.novell.com/linux/security/advisories/2007_12_squid.html
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12
http://www.ubuntu.com/usn/usn-414-1
http://www.vupen.com/english/advisories/2007/0199
http://www.securityfocus.com/bid/22203
http://www.squid-cache.org/bugs/show_bug.cgi?id=1848
https://exchange.xforce.ibmcloud.com/vulnerabilities/31525