Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1612HistoryApr 01, 2008 - 5:44 p.m.
CVE-2008-1612
2008-04-0117:44:00
Debian Security Bug Tracker
security-tracker.debian.org
16
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.2 Medium
AI Score
Confidence
Low
0.179 Low
EPSS
Percentile
96.2%
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | squid | <Β 2.6.18-1 | squid_2.6.18-1_all.deb |
| Debian | 11 | all | squid | <Β 2.6.18-1 | squid_2.6.18-1_all.deb |
| Debian | 999 | all | squid | <Β 2.6.18-1 | squid_2.6.18-1_all.deb |
| Debian | 13 | all | squid | <Β 2.6.18-1 | squid_2.6.18-1_all.deb |
Related
oraclelinux
oraclelinux
squid security update
2008-04-09 00:00:00
Moderate: squid security update
2007-12-18 00:00:00
nessus
nessus
RHEL 2.1 / 3 / 4 / 5 : squid (RHSA-2008:0214)
2008-04-11 00:00:00
Debian DSA-1646-1 : squid - array bounds check
2008-10-07 00:00:00
Mandriva Linux Security Advisory : squid (MDVSA-2008:134)
2009-04-23 00:00:00
ubuntu
ubuntu
Squid vulnerability
2008-04-14 00:00:00
Squid vulnerability
2008-01-09 00:00:00
openvas
openvas
CentOS Update for squid CESA-2008:0214 centos3 i386
2009-02-27 00:00:00
RedHat Update for squid RHSA-2008:0214-01
2009-03-06 00:00:00
CentOS Update for squid CESA-2008:0214-01 centos2 i386
2009-02-27 00:00:00
cvelist
cvelist
CVE-2008-1612
2008-04-01 17:00:00
CVE-2007-6239
2007-12-04 18:00:00
osv
osv
squid - array bounds check
2008-10-07 00:00:00
squid - programming error
2008-02-05 00:00:00
nvd
nvd
CVE-2008-1612
2008-04-01 17:44:00
CVE-2007-6239
2007-12-04 18:46:00
seebug
seebug
Squid Web代ηηΌεarrayShrink()ε½ζ°θΏη¨ζη»ζε‘ζΌζ΄
2008-04-17 00:00:00
cve
cve
CVE-2008-1612
2008-04-01 17:44:00
CVE-2007-6239
2007-12-04 18:46:00
prion
prion
Code injection
2008-04-01 17:44:00
Memory corruption
2007-12-04 18:46:00
debian
debian
[SECURITY] [DSA-1646-1] New squid packages fix array bounds check
2008-10-07 06:12:02
[SECURITY] [DSA 1646-2] New squid packages fix array bounds check
2008-10-11 06:46:58
[SECURITY] [DSA-1646-1] New squid packages fix array bounds check
2008-10-07 06:12:02
ubuntucve
ubuntucve
CVE-2008-1612
2008-04-01 00:00:00
CVE-2007-6239
2007-12-04 00:00:00
securityvulns
securityvulns
[USN-601-1] Squid vulnerability
2008-04-15 00:00:00
squid proxy server DoS
2007-12-12 00:00:00
squid proxy server DoS
2008-04-15 00:00:00
gentoo
gentoo
Squid: Multiple Denial of Service vulnerabilities
2009-03-24 00:00:00
Squid: Denial of service
2008-01-09 00:00:00
centos
centos
squid security update
2007-12-18 18:09:00
squid security update
2008-01-13 02:19:55
squid security update
2008-04-10 23:57:37
debiancve
debiancve
CVE-2007-6239
2007-12-04 18:46:00
cert
cert
Squid remote denial-of-service vulnerability
2007-12-10 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: squid-2.6.STABLE16-2.fc7
2007-12-15 19:27:50
[SECURITY] Fedora 8 Update: squid-2.6.STABLE17-1.fc8
2007-12-15 19:27:04
[SECURITY] Fedora 8 Update: squid-2.6.STABLE19-1.fc8
2008-04-29 20:53:41
freebsd
freebsd
Squid -- Denial of Service Vulnerability
2007-11-28 00:00:00
redhat
redhat
(RHSA-2007:1130) Moderate: squid security update
2007-12-18 00:00:00
(RHSA-2008:0214) Moderate: squid security update
2008-04-08 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:19:28
Denial Of Service (DoS)
2020-04-10 00:26:20
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.2 Medium
AI Score
Confidence
Low
0.179 Low
EPSS
Percentile
96.2%
Related for DEBIANCVE:CVE-2008-1612