Lucene search

[email protected]CVE-2002-0713

HistoryJul 26, 2002 - 4:00 a.m.

CVE-2002-0713

2002-07-2604:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0713

buffer overflow

squid

denial of service

remote attack

arbitrary code execution

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.162 Low

EPSS

Percentile

96.0%

JSON

Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated.

Affected configurations

NVD

Node

squidsquidRange≤2.4.stable6

CPENameOperatorVersion
squid:squidsquidle2.4.stable6

CPE	Name	Operator	Version
squid:squid	squid	le	2.4.stable6

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-046.0.txt

marc.info/?l=bugtraq&m=102674543407606&w=2

rhn.redhat.com/errata/RHSA-2002-051.html

rhn.redhat.com/errata/RHSA-2002-130.html

www.iss.net/security_center/static/9480.php

www.iss.net/security_center/static/9481.php

www.iss.net/security_center/static/9482.php

www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.php

www.securityfocus.com/bid/5155

www.securityfocus.com/bid/5156

www.securityfocus.com/bid/5157

www.squid-cache.org/Advisories/SQUID-2002_3.txt

www.squid-cache.org/Versions/v2/2.4/bugs/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.162 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2002-0713

cvelist1 nvd1 debiancve1 suse1 nessus2