CVSS: 5.3EPSS: 1%CPEs: 7EXPL: 0CVE-2004-2479
https://notcve.org/view.php?id=CVE-2004-2479
31 Dec 2004 — Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages. • http://fedoranews.org/updates/FEDORA--.shtml •
CVSS: 9.1EPSS: 3%CPEs: 1EXPL: 3CVE-2004-2480 – National Science Foundation Squid Proxy 2.3 - Internet Access Control Bypass
https://notcve.org/view.php?id=CVE-2004-2480
31 Dec 2004 — Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet Explorer. • https://www.exploit-db.com/exploits/24105 •
CVSS: 10.0EPSS: 75%CPEs: 2EXPL: 2CVE-2004-0541 – Squid - NTLM (Authenticated) Overflow
https://notcve.org/view.php?id=CVE-2004-0541
10 Jun 2004 — Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable). Desbordamiento de búfer en la función ntlm_check_auth (autenticación NTLM) de Squid Web Proxy Cache 2.5.x y 3.x, cuando se compila con manejadores NTLM activados, permite a atacantes remotos ejecutar código de su elección mediante una contraseña larga (variable "pass") • https://www.exploit-db.com/exploits/16847 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2001-0142
https://notcve.org/view.php?id=CVE-2001-0142
12 Mar 2001 — squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. • http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html •
CVSS: 9.1EPSS: 5%CPEs: 5EXPL: 2CVE-1999-1481 – National Science Foundation Squid Web Proxy 1.0/1.1/2.1 - Authentication Failure
https://notcve.org/view.php?id=CVE-1999-1481
31 Dec 1999 — Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair. • https://www.exploit-db.com/exploits/19567 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-1999-1273
https://notcve.org/view.php?id=CVE-1999-1273
20 Feb 1998 — Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences. • http://www.securityfocus.com/archive/1/8551 •