CVSS: 7.5EPSS: 56%CPEs: 33EXPL: 0CVE-2010-0639
https://notcve.org/view.php?id=CVE-2010-0639
15 Feb 2010 — The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port. La función htcpHandleTstRequest en el archivo htcp.c en Squid versiones 2.x anterior a 2.6.STABLE24 y versión 2.7 anterior a 2.7.STABLE8, y en el archivo htcp.cc en versión 3.0 anterior a 3.0.STABLE24, permite que los atacantes remo... • http://bugs.squid-cache.org/show_bug.cgi?id=2858 •
CVSS: 7.5EPSS: 19%CPEs: 46EXPL: 0CVE-2010-0308 – squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)
https://notcve.org/view.php?id=CVE-2010-0308
03 Feb 2010 — lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header. lib/rfc1035.c en Squid 2.x, desde v3.0 hasta v3.0.STABLE22, y desde v3.1 hasta v3.1.0.15 permite a atacantes remotos producir una denegación de servicio (fallo de aserción) a través de un paquete DNS manipulado que unicamente contiene una cabecera. • http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 33%CPEs: 45EXPL: 0CVE-2005-3258
https://notcve.org/view.php?id=CVE-2005-3258
20 Oct 2005 — The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. • http://secunia.com/advisories/17271 •
CVSS: 7.5EPSS: 58%CPEs: 2EXPL: 0CVE-2005-2917
https://notcve.org/view.php?id=CVE-2005-2917
30 Sep 2005 — Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart). • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt •
CVSS: 7.5EPSS: 12%CPEs: 42EXPL: 0CVE-2005-2794
https://notcve.org/view.php?id=CVE-2005-2794
07 Sep 2005 — store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. • http://fedoranews.org/updates/FEDORA--.shtml •
CVSS: 7.5EPSS: 15%CPEs: 61EXPL: 0CVE-2005-2796
https://notcve.org/view.php?id=CVE-2005-2796
07 Sep 2005 — The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. • http://fedoranews.org/updates/FEDORA--.shtml •
CVSS: 7.5EPSS: 24%CPEs: 1EXPL: 0CVE-2005-1519
https://notcve.org/view.php?id=CVE-2005-1519
11 May 2005 — Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups. • http://fedoranews.org/updates/FEDORA--.shtml •
CVSS: 7.5EPSS: 12%CPEs: 58EXPL: 0CVE-2005-0718
https://notcve.org/view.php?id=CVE-2005-0718
12 Mar 2005 — Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931 •
CVSS: 7.5EPSS: 65%CPEs: 59EXPL: 0CVE-2005-0446
https://notcve.org/view.php?id=CVE-2005-0446
15 Feb 2005 — Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931 •
CVSS: 9.1EPSS: 1%CPEs: 38EXPL: 0CVE-2005-0173
https://notcve.org/view.php?id=CVE-2005-0173
06 Feb 2005 — squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000923 •