Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-6239
HistoryDec 04, 2007 - 6:46 p.m.

CVE-2007-6239

2007-12-0418:46:00
CWE-20
[email protected]
web.nvd.nist.gov
38
squid
denial of service
cve-2007-6239
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.179 Low

EPSS

Percentile

96.2%

JSON

The “cache update reply processing” functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.

Affected configurations

NVD
Node
squidsquid_web_proxy_cacheMatch2.0_patch2
OR
squidsquid_web_proxy_cacheMatch2.1_patch2
OR
squidsquid_web_proxy_cacheMatch2.3.stable4
OR
squidsquid_web_proxy_cacheMatch2.3.stable5
OR
squidsquid_web_proxy_cacheMatch2.4_stable2
OR
squidsquid_web_proxy_cacheMatch2.4_stable4
OR
squidsquid_web_proxy_cacheMatch2.4_stable6
OR
squidsquid_web_proxy_cacheMatch2.4_stable7
OR
squidsquid_web_proxy_cacheMatch2.5.stable11
OR
squidsquid_web_proxy_cacheMatch2.5.stable12
OR
squidsquid_web_proxy_cacheMatch2.5.stable13
OR
squidsquid_web_proxy_cacheMatch2.5.stable14
OR
squidsquid_web_proxy_cacheMatch2.5_.stable9
OR
squidsquid_web_proxy_cacheMatch2.5_stable1
OR
squidsquid_web_proxy_cacheMatch2.5_stable3
OR
squidsquid_web_proxy_cacheMatch2.5_stable4
OR
squidsquid_web_proxy_cacheMatch2.5_stable5
OR
squidsquid_web_proxy_cacheMatch2.5_stable6
OR
squidsquid_web_proxy_cacheMatch2.5_stable7
OR
squidsquid_web_proxy_cacheMatch2.5_stable8
OR
squidsquid_web_proxy_cacheMatch2.5_stable10
OR
squidsquid_web_proxy_cacheMatch2.6
OR
squidsquid_web_proxy_cacheMatch2.6.stable1
OR
squidsquid_web_proxy_cacheMatch2.6.stable2
OR
squidsquid_web_proxy_cacheMatch2.6.stable3
OR
squidsquid_web_proxy_cacheMatch2.6.stable4
OR
squidsquid_web_proxy_cacheMatch2.6.stable5
OR
squidsquid_web_proxy_cacheMatch2.6.stable6
OR
squidsquid_web_proxy_cacheMatch2.6.stable7
OR
squidsquid_web_proxy_cacheMatch2.6.stable12
OR
squidsquid_web_proxy_cacheMatch2.6.stable13
OR
squidsquid_web_proxy_cacheMatch2.6.stable14
OR
squidsquid_web_proxy_cacheMatch2.6.stable15
OR
squidsquid_web_proxy_cacheMatch2.6.stable16
OR
squidsquid_web_proxy_cacheMatch3.0
OR
squidsquid_web_proxy_cacheMatch3.0_pre1
OR
squidsquid_web_proxy_cacheMatch3.0_pre2
OR
squidsquid_web_proxy_cacheMatch3.0_pre3

References

Related

nessus 22
openvas 52
ubuntu 2
osv 2
centos 2
debiancve 2
debian 5
oraclelinux 2
redhat 1
fedora 2
veracode 1
cert 1
securityvulns 2
ubuntucve 2
gentoo 2
prion 2
cvelist 2
nvd 2
freebsd 1
seebug 1
cve 1
nessus
nessus
GLSA-200801-05 : Squid: Denial of Service
2008-01-10 00:00:00
RHEL 2.1 / 3 / 4 / 5 : squid (RHSA-2007:1130)
2007-12-19 00:00:00
openSUSE 10 Security Update : squid (squid-4779)
2007-12-31 00:00:00
openvas
openvas
RedHat Update for squid RHSA-2007:1130-01
2009-03-06 00:00:00
Fedora Update for squid FEDORA-2007-4170
2009-02-27 00:00:00
Mandriva Update for squid MDVSA-2008:002 (squid)
2009-04-09 00:00:00
ubuntu
ubuntu
Squid vulnerability
2008-01-09 00:00:00
Squid vulnerability
2008-04-14 00:00:00
osv
osv
squid - programming error
2008-02-05 00:00:00
squid - array bounds check
2008-10-07 00:00:00
centos
centos
squid security update
2007-12-18 18:09:00
squid security update
2008-01-13 02:19:55
debiancve
debiancve
CVE-2007-6239
2007-12-04 18:46:00
CVE-2008-1612
2008-04-01 17:44:00
debian
debian
[SECURITY] [DSA 1482-1] New squid packages fix denial of service
2008-02-05 22:40:10
[SECURITY] [DSA-1646-1] New squid packages fix array bounds check
2008-10-07 06:12:02
[SECURITY] [DSA 1646-2] New squid packages fix array bounds check
2008-10-11 06:46:58
oraclelinux
oraclelinux
Moderate: squid security update
2007-12-18 00:00:00
squid security update
2008-04-09 00:00:00
redhat
redhat
(RHSA-2007:1130) Moderate: squid security update
2007-12-18 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: squid-2.6.STABLE17-1.fc8
2007-12-15 19:27:04
[SECURITY] Fedora 7 Update: squid-2.6.STABLE16-2.fc7
2007-12-15 19:27:50
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:19:28
cert
cert
Squid remote denial-of-service vulnerability
2007-12-10 00:00:00
securityvulns
securityvulns
squid proxy server DoS
2007-12-12 00:00:00
[USN-601-1] Squid vulnerability
2008-04-15 00:00:00
ubuntucve
ubuntucve
CVE-2007-6239
2007-12-04 00:00:00
CVE-2008-1612
2008-04-01 00:00:00
gentoo
gentoo
Squid: Denial of service
2008-01-09 00:00:00
Squid: Multiple Denial of Service vulnerabilities
2009-03-24 00:00:00
prion
prion
Memory corruption
2007-12-04 18:46:00
Code injection
2008-04-01 17:44:00
cvelist
cvelist
CVE-2007-6239
2007-12-04 18:00:00
CVE-2008-1612
2008-04-01 17:00:00
nvd
nvd
CVE-2007-6239
2007-12-04 18:46:00
CVE-2008-1612
2008-04-01 17:44:00
freebsd
freebsd
Squid -- Denial of Service Vulnerability
2007-11-28 00:00:00
seebug
seebug
Squid Web代理缓存arrayShrink()函数远程拒绝服务漏洞
2008-04-17 00:00:00
cve
cve
CVE-2008-1612
2008-04-01 17:44:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.179 Low

EPSS

Percentile

96.2%

JSON
Related for CVE-2007-6239
nessus22openvas52ubuntu2osv2centos2debiancve2debian5oraclelinux2redhat1fedora2veracode1cert1securityvulns2ubuntucve2gentoo2prion2cvelist2nvd2freebsd1seebug1cve1