5

CVE-2010-3072

The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Squid-cacheSquid Version3.0
Squid-cacheSquid Version3.0.stable1
Squid-cacheSquid Version3.0.stable2
Squid-cacheSquid Version3.0.stable3
Squid-cacheSquid Version3.0.stable4
Squid-cacheSquid Version3.0.stable5
Squid-cacheSquid Version3.0.stable6
Squid-cacheSquid Version3.0.stable7
Squid-cacheSquid Version3.0.stable8
Squid-cacheSquid Version3.0.stable9
Squid-cacheSquid Version3.0.stable10
Squid-cacheSquid Version3.0.stable11
Squid-cacheSquid Version3.0.stable11 Updaterc1
Squid-cacheSquid Version3.0.stable12
Squid-cacheSquid Version3.0.stable13
Squid-cacheSquid Version3.0.stable14
Squid-cacheSquid Version3.0.stable15
Squid-cacheSquid Version3.0.stable16
Squid-cacheSquid Version3.0.stable16 Updaterc1
Squid-cacheSquid Version3.0.stable17
Squid-cacheSquid Version3.0.stable18
Squid-cacheSquid Version3.0.stable19
Squid-cacheSquid Version3.0.stable20
Squid-cacheSquid Version3.0.stable21
Squid-cacheSquid Version3.0.stable22
Squid-cacheSquid Version3.0.stable23
Squid-cacheSquid Version3.0.stable24
Squid-cacheSquid Version3.0.stable25
Squid-cacheSquid Version3.1
Squid-cacheSquid Version3.1.0.1
Squid-cacheSquid Version3.1.0.2
Squid-cacheSquid Version3.1.0.3
Squid-cacheSquid Version3.1.0.4
Squid-cacheSquid Version3.1.0.5
Squid-cacheSquid Version3.1.0.6
Squid-cacheSquid Version3.1.0.7
Squid-cacheSquid Version3.1.0.8
Squid-cacheSquid Version3.1.0.9
Squid-cacheSquid Version3.1.0.10
Squid-cacheSquid Version3.1.0.11
Squid-cacheSquid Version3.1.0.12
Squid-cacheSquid Version3.1.0.13
Squid-cacheSquid Version3.1.0.14
Squid-cacheSquid Version3.1.0.15
Squid-cacheSquid Version3.1.0.16
Squid-cacheSquid Version3.1.0.17
Squid-cacheSquid Version3.1.0.18
Squid-cacheSquid Version3.1.1
Squid-cacheSquid Version3.1.2
Squid-cacheSquid Version3.1.3
Squid-cacheSquid Version3.1.4
Squid-cacheSquid Version3.1.5
Squid-cacheSquid Version3.1.5.1
Squid-cacheSquid Version3.1.6
Squid-cacheSquid Version3.1.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 64.24% 0.991
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047787.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047820.html
http://secunia.com/advisories/41298
Vendor Advisory
http://secunia.com/advisories/41477
Vendor Advisory
http://secunia.com/advisories/41534
http://www.debian.org/security/2010/dsa-2111
http://www.openwall.com/lists/oss-security/2010/09/05/2
Patch
http://www.openwall.com/lists/oss-security/2010/09/07/7
Patch
http://www.securityfocus.com/bid/42982
http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
Vendor Advisory
http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9189.patch
Patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10090.patch
Patch
http://www.vupen.com/english/advisories/2010/2433
https://bugzilla.redhat.com/show_bug.cgi?id=630444
Patch