Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-414-1
HistoryJan 25, 2007 - 12:00 a.m.

Squid vulnerabilities

2007-01-2500:00:00
ubuntu.com
33

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.968

Percentile

99.7%

JSON

Releases

  • Ubuntu 6.10
  • Ubuntu 6.06

Details

David Duncan Ross Palmer and Henrik Nordstrom discovered that squid
incorrectly handled special characters in FTP URLs. Remote users with
access to squid could crash the server leading to a denial of service.
(CVE-2007-0247)

Erick Dantas Rotole and Henrik Nordstrom discovered that squid could end
up in an endless loop when exhausted of available external ACL helpers.
Remote users with access to squid could cause CPU starvation, possibly
leading to a denial of service. This does not affect a default Ubuntu
installation, since external ACL helpers must be configured and used.
(CVE-2007-0248)

OSVersionArchitecturePackageVersionFilename
Ubuntu6.10noarchsquid< 2.6.1-3ubuntu1.2UNKNOWN
Ubuntu6.06noarchsquid< 2.5.12-4ubuntu2.2UNKNOWN

Related

nessus 9
suse 1
openvas 11
gentoo 1
securityvulns 1
checkpoint_advisories 1
cvelist 2
prion 2
debiancve 2
cve 2
redhatcve 1
ubuntucve 2
nvd 2
fedora 1
nessus
nessus
SuSE 10 Security Update : squid (ZYPP Patch Number 2502)
2007-12-13 00:00:00
openSUSE 10 Security Update : squid (squid-2504)
2007-10-17 00:00:00
Ubuntu 6.06 LTS / 6.10 : squid vulnerabilities (USN-414-1)
2007-11-10 00:00:00
suse
suse
remote denial of service in squid
2007-01-23 12:13:41
openvas
openvas
Ubuntu Update for squid vulnerabilities USN-414-1
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200701-22 (squid)
2008-09-24 00:00:00
Mandriva Update for squid MDKSA-2007:026 (squid)
2009-04-09 00:00:00
gentoo
gentoo
Squid: Multiple Denial of Service vulnerabilities
2007-01-25 00:00:00
securityvulns
securityvulns
Multiple Squid cache proxy security vulnerability
2007-01-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Squid Proxy FTP URI Processing Denial of Service (CVE-2007-0247)
2009-11-25 00:00:00
cvelist
cvelist
CVE-2007-0247
2007-01-16 18:00:00
CVE-2007-0248
2007-01-16 18:00:00
prion
prion
Design/Logic Flaw
2007-01-16 18:28:00
Design/Logic Flaw
2007-01-16 18:28:00
debiancve
debiancve
CVE-2007-0248
2007-01-16 18:28:00
CVE-2007-0247
2007-01-16 18:28:00
cve
cve
CVE-2007-0248
2007-01-16 18:28:00
CVE-2007-0247
2007-01-16 18:28:00
redhatcve
redhatcve
CVE-2007-0248
2015-10-30 10:08:06
ubuntucve
ubuntucve
CVE-2007-0248
2007-01-16 00:00:00
CVE-2007-0247
2007-01-16 00:00:00
nvd
nvd
CVE-2007-0248
2007-01-16 18:28:00
CVE-2007-0247
2007-01-16 18:28:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: squid-2.5.STABLE14-3.FC5
2007-01-17 16:32:06

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.968

Percentile

99.7%

JSON
Related for USN-414-1
nessus9suse1openvas11gentoo1securityvulns1checkpoint_advisories1cvelist2prion2debiancve2cve2redhatcve1ubuntucve2nvd2fedora1