6 results (0.002 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 3

CVE-2004-2480 – National Science Foundation Squid Proxy 2.3 - Internet Access Control Bypass

https://notcve.org/view.php?id=CVE-2004-2480

Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet Explorer. • https://www.exploit-db.com/exploits/24105 http://archives.neohapsis.com/archives/bugtraq/2004-05/0070.html http://www.securityfocus.com/bid/10315 https://exchange.xforce.ibmcloud.com/vulnerabilities/16153 •

CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0

CVE-2004-2479

https://notcve.org/view.php?id=CVE-2004-2479

Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages. • http://fedoranews.org/updates/FEDORA--.shtml http://secunia.com/advisories/13408 http://secunia.com/advisories/16977 http://securitytracker.com/id?1012466 http://www.osvdb.org/12282 http://www.redhat.com/support/errata/RHSA-2005-766.html http://www.securityfocus.com/bid/11865 http://www.squid-cache.org/bugs/show_bug.cgi?id=1143 https://exchange.xforce.ibmcloud.com/vulnerabilities/18406 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9711 •

CVSS: 10.0EPSS: 96%CPEs: 2EXPL: 2

CVE-2004-0541 – Squid - NTLM (Authenticated) Overflow

https://notcve.org/view.php?id=CVE-2004-0541

Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable). Desbordamiento de búfer en la función ntlm_check_auth (autenticación NTLM) de Squid Web Proxy Cache 2.5.x y 3.x, cuando se compila con manejadores NTLM activados, permite a atacantes remotos ejecutar código de su elección mediante una contraseña larga (variable "pass") • https://www.exploit-db.com/exploits/16847 https://www.exploit-db.com/exploits/9951 ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc http://fedoranews.org/updates/FEDORA--.shtml http://www.gentoo.org/security/en/glsa/glsa-200406-13.xml http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:059 http://www.redhat.com/support/errata/RHSA-2004-242.html http:/& •

CVSS: 1.2EPSS: 0%CPEs: 10EXPL: 0

CVE-2001-0142

https://notcve.org/view.php?id=CVE-2001-0142

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. • http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html http://marc.info/?l=bugtraq&m=97916374410647&w=2 http://www.debian.org/security/2001/dsa-019 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3 http://www.securityfocus.com/bid/2184 https://exchange.xforce.ibmcloud.com/vulnerabilities/5921 •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 2

CVE-1999-1481 – National Science Foundation Squid Web Proxy 1.0/1.1/2.1 - Authentication Failure

https://notcve.org/view.php?id=CVE-1999-1481

Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair. • https://www.exploit-db.com/exploits/19567 http://www.securityfocus.com/archive/1/33295 http://www.securityfocus.com/bid/741 http://www.squid-cache.org/Versions/v2/2.2/bugs https://exchange.xforce.ibmcloud.com/vulnerabilities/3433 •