- EPSS 60.66%
- Veröffentlicht 18.08.2009 21:00:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
- EPSS 23.56%
- Veröffentlicht 28.07.2009 17:30:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header ...
- EPSS 26.19%
- Veröffentlicht 28.07.2009 17:30:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version...
CVE-2005-0211
- EPSS 41.52%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length pa...