CVE-2012-5643 – squid: cachemgr.cgi memory usage DoS and memory leaks
https://notcve.org/view.php?id=CVE-2012-5643
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials. Varias fugas de memoria en tools/cachemgr.cc en cachemgr.cgi en Squid v2.x y v3.x antes de v3.1.22, v3.2.x antes de v3.2.4 y v3.3.x antes de v3.3.0.2 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de (1) cabeceras Content-Length no válidas, (2) largas peticiones POST, o (3) credenciales de autenticación manipuladas. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00052.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00075.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00025.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00032.html http://openwall.com/lists/oss-security/2012/12/17/4 http://rhn.redhat.com/errata& • CWE-20: Improper Input Validation CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2011-4096 – squid: Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record
https://notcve.org/view.php?id=CVE-2011-4096
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record. La función idnsGrokReply en Squid anterior a v3.1.16 no adecuada de memoria libre, permite a atacantes remotos provocar una denegación de servicio (daemon abortar) a través de una respuesta DNS que contiene un registro CNAME que hace referencia a otro registro CNAME y este contiene un registro vacío. • http://bugs.squid-cache.org/show_bug.cgi?id=3237#c12 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://secunia.com/advisories/46609 http://secunia.com/advisories/47459 http://www.mandriva.com/security/advisories?name=MDVSA-2011:193 http://www.openwall.com/lists/oss-security/2011/10/31/5 http://www.openwall.com/lists/oss-security/2011/11/01/3 http://www.redhat.com& • CWE-399: Resource Management Errors •
CVE-2010-0639
https://notcve.org/view.php?id=CVE-2010-0639
The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port. La función htcpHandleTstRequest en el archivo htcp.c en Squid versiones 2.x anterior a 2.6.STABLE24 y versión 2.7 anterior a 2.7.STABLE8, y en el archivo htcp.cc en versión 3.0 anterior a 3.0.STABLE24, permite que los atacantes remotos causen una denegación de servicio (desreferencia de puntero NULL y bloqueo del demonio) por medio de paquetes creados hacia el puerto HTCP. • http://bugs.squid-cache.org/show_bug.cgi?id=2858 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035961.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037159.html http://osvdb.org/62297 http://secunia.com/advisories/38812 http://www.securityfocus.com/bid/38212 http://www.securitytracker.com/id?1023587 http://www.squid-cache.org/Advisories/SQUID-2010_2.txt http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch http: •
CVE-2010-0308 – squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)
https://notcve.org/view.php?id=CVE-2010-0308
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header. lib/rfc1035.c en Squid 2.x, desde v3.0 hasta v3.0.STABLE22, y desde v3.1 hasta v3.1.0.15 permite a atacantes remotos producir una denegación de servicio (fallo de aserción) a través de un paquete DNS manipulado que unicamente contiene una cabecera. • http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf http://osvdb.org/62044 http://secunia.com/advisories/38451 http://secunia.com/advisories/38455 http://www.securityfocus.com/bid/37522 http://www.securitytracker.com/id?1023520 http://www.squid-cache.org/Advisories/SQUID-2010_1.txt http://www.squid-cache.org/Versions/v2/HEAD/changesets/12597.patch http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9163.patch http://www. • CWE-20: Improper Input Validation •
CVE-2005-3258
https://notcve.org/view.php?id=CVE-2005-3258
The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. • http://secunia.com/advisories/17271 http://secunia.com/advisories/17287 http://secunia.com/advisories/17338 http://secunia.com/advisories/17407 http://secunia.com/advisories/17513 http://secunia.com/advisories/17626 http://secunia.com/advisories/17645 http://securitytracker.com/id?1015085 http://www.novell.com/linux/security/advisories/2005_27_sr.html http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE11-rfc1738_do_escape http://www.vupen.com/english/ •