5

CVE-2007-1560

The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SquidSquid Version2.6.stable1
SquidSquid Version2.6.stable2
SquidSquid Version2.6.stable3
SquidSquid Version2.6.stable4
SquidSquid Version2.6.stable5
SquidSquid Version2.6.stable6
SquidSquid Version2.6.stable7
SquidSquid Version2.6.stable8
SquidSquid Version2.6.stable9
SquidSquid Version2.6.stable10
SquidSquid Version2.6.stable11
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 27.45% 0.978
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.novell.com/linux/security/advisories/2007_5_sr.html
http://secunia.com/advisories/24611
Patch
Vendor Advisory
http://secunia.com/advisories/24614
Vendor Advisory
http://secunia.com/advisories/24625
Vendor Advisory
http://secunia.com/advisories/24662
Vendor Advisory
http://secunia.com/advisories/24911
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200703-27.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:068
http://www.redhat.com/support/errata/RHSA-2007-0131.html
http://www.securityfocus.com/bid/23085
http://www.securitytracker.com/id?1017805
http://www.squid-cache.org/Advisories/SQUID-2007_1.txt
Patch
Vendor Advisory
http://www.squid-cache.org/Versions/v2/2.6/changesets/11349.patch
http://www.ubuntu.com/usn/usn-441-1
http://www.vupen.com/english/advisories/2007/1035
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33124
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10291