CVSS: 7.5EPSS: 35%CPEs: 29EXPL: 0CVE-2009-2622
https://notcve.org/view.php?id=CVE-2009-2622
28 Jul 2009 — Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc. Squid desde v3.0 hasta v3.0.STABLE16 y desde v3.1 hasta v3.1.0.11 permite a atacantes remotos producir una denegación de servicio a través de peticiones mal formadas qu... • http://secunia.com/advisories/36007 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 79%CPEs: 22EXPL: 2CVE-2009-0478 – Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service
https://notcve.org/view.php?id=CVE-2009-0478
08 Feb 2009 — Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c. Squid versiones 2.7 hasta 2.7.STABLE5, versiones 3.0 hasta 3.0.STABLE12 y versiones 3.1 hasta 3.1.0.4, permiten a los atacantes remotos causar una denegación de servicio por medio de una petición HTTP con un número de versión no válido, lo que desencadena una a... • https://www.exploit-db.com/exploits/8021 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 19%CPEs: 1EXPL: 1CVE-2008-1612 – squid: regression in SQUID-2007:2 / CVE-2007-6239
https://notcve.org/view.php?id=CVE-2008-1612
01 Apr 2008 — The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239. La función arrayShrink (lib/Array.c) en Squid 2.6.STABLE17 permite a atacantes provocar una denegación de servicio (terminación del proceso) a través de vectores desconocidos que provocan que un array se inicialice a 0 entradas, lo... • http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 63%CPEs: 11EXPL: 0CVE-2007-1560
https://notcve.org/view.php?id=CVE-2007-1560
21 Mar 2007 — The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error. La función clientProcessRequest() en el archivo src/client_side.c en Squid versiones 2.6 anteriores a 2.6.STABLE12, permite a atacantes remotos causar una denegación de servicio (bloqueo del demonio) por medio de peticiones TRACE creadas que desencadenan un error de aserción. • http://secunia.com/advisories/24611 •
CVSS: 7.5EPSS: 38%CPEs: 6EXPL: 1CVE-2007-0247 – Squid Proxy 2.5/2.6 - FTP URI Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-0247
16 Jan 2007 — squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions. El archivo squid/src/ftp.c en Squid versiones anteriores a 2.6.STABLE7, permite a los servidores FTP remotos causar una denegación de servicio (volcado del núcleo) por medio de respuestas de enumeración de directorio FTP, posiblemente relacionadas con las funciones (1) ft... • https://www.exploit-db.com/exploits/29473 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 46%CPEs: 1EXPL: 0CVE-2007-0248
https://notcve.org/view.php?id=CVE-2007-0248
16 Jan 2007 — The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop. La función aclMatchExternal en Squid anterior a 2.6.STABLE7 permite a atacantes remotos provocar una denegación de servicio (caída) provocando una sobrecarga de la cola external_acl, lo cual provoca un bucle infinito. • http://secunia.com/advisories/23767 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3322
https://notcve.org/view.php?id=CVE-2005-3322
27 Oct 2005 — Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL). • http://www.novell.com/linux/security/advisories/2005_24_sr.html •
CVSS: 7.5EPSS: 33%CPEs: 45EXPL: 0CVE-2005-3258
https://notcve.org/view.php?id=CVE-2005-3258
20 Oct 2005 — The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. • http://secunia.com/advisories/17271 •
CVSS: 7.5EPSS: 58%CPEs: 2EXPL: 0CVE-2005-2917
https://notcve.org/view.php?id=CVE-2005-2917
30 Sep 2005 — Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart). • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt •
CVSS: 7.5EPSS: 12%CPEs: 42EXPL: 0CVE-2005-2794
https://notcve.org/view.php?id=CVE-2005-2794
07 Sep 2005 — store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. • http://fedoranews.org/updates/FEDORA--.shtml •