Lucene search
GoogleOSV:DSA-2002-1HistoryFeb 19, 2010 - 12:00 a.m.
polipo - denial of service
2010-02-1900:00:00
Google
osv.dev
20
EPSS
0.034
Percentile
91.5%
Several denial of service vulnerabilities have been discovered in polipo, a
small, caching web proxy. The Common Vulnerabilities and Exposures project
identifies the following problems:
- CVE-2009-3305
A malicous remote sever could cause polipo to crash by sending an
invalid Cache-Control header. - CVE-2009-4143
A malicous client could cause polipo to crash by sending a large
Content-Length value.
This upgrade also fixes some other bugs that could lead to a daemon crash
or an infinite loop and may be triggerable remotely.
For the stable distribution (lenny), these problems have been fixed in
version 1.0.4-1+lenny1.
For the testing distribution (squeeze) and the unstable distribution (sid),
these problems have been fixed in version 1.0.4-3.
We recommend that you upgrade your polipo packages.
References
Related
nessus
nessus
Debian DSA-2002-1 : polipo - denial of service
2010-02-24 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2010:045)
2010-02-24 00:00:00
Debian DSA-2001-1 : php5 - multiple vulnerabilities
2010-02-24 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2002-1)
2023-03-08 00:00:00
Polipo Malformed HTTP GET Request Memory Corruption Vulnerability
2009-12-08 00:00:00
Polipo Malformed HTTP GET Request Memory Corruption Vulnerability
2009-12-08 00:00:00
debian
debian
[SECURITY] [DSA-2002-1] New polipo packages fix denial of service
2010-02-19 15:36:51
[SECURITY] [DSA-2002-1] New polipo packages fix denial of service
2010-02-19 15:36:51
[SECURITY] [DSA-2001-1] New php5 packages fix multiple vulnerabilities
2010-02-19 14:56:46
securityvulns
securityvulns
[SECURITY] [DSA-2002-1] New polipo packages fix denial of service
2010-02-22 00:00:00
polipo proxy server DoS
2010-02-22 00:00:00
PHP multiple security vulnerabilities
2010-01-08 00:00:00
prion
prion
Cross site request forgery (csrf)
2009-12-24 16:30:00
Integer overflow
2009-12-24 16:30:00
Memory corruption
2009-12-21 16:30:00
cve
cve
debiancve
debiancve
CVE-2009-4413
2009-12-24 16:30:00
CVE-2009-3305
2009-12-24 16:30:00
ubuntucve
ubuntucve
nvd
nvd
cvelist
cvelist
seebug
seebug
PHP session.save_path()ๅฝๆฐไปปๆๅฝไปคๆง่กๆผๆด
2010-02-20 00:00:00
osv
osv
php5 - multiple vulnerabilities
2010-02-19 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2010-01-13 00:00:00
slackware
slackware
[slackware-security] php
2010-01-25 05:20:07
freebsd
freebsd
php -- multiple vulnerabilities
2009-12-17 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44