CVE-2011-3205
- EPSS 27.45%
- Veröffentlicht 06.09.2011 15:55:08
- Zuletzt bearbeitet 16.06.2026 23:32:52
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon ...
- EPSS 31.47%
- Veröffentlicht 12.10.2010 21:00:01
- Zuletzt bearbeitet 16.06.2026 23:21:49
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger ...
- EPSS 64.24%
- Veröffentlicht 20.09.2010 21:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:04
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
- EPSS 30.56%
- Veröffentlicht 15.02.2010 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:33
The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via craf...
- EPSS 22.86%
- Veröffentlicht 03.02.2010 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:15:54
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
- EPSS 36.73%
- Veröffentlicht 18.08.2009 21:00:00
- Zuletzt bearbeitet 16.06.2026 23:10:22
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
- EPSS 23.05%
- Veröffentlicht 28.07.2009 17:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:51
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header ...
- EPSS 56.91%
- Veröffentlicht 28.07.2009 17:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:51
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version...
CVE-2005-0211
- EPSS 22.15%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:10:42
Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length pa...