Vulnerabilities > CVE-2006-0046 - Unspecified vulnerability in Cameron Simpson Adzapper
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cameron-simpson
nessus
Summary
squid_redirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service (CPU consumption) via a URL with a large number of trailing / (forward slashes), which might produce inefficient regular expressions.
Vulnerable Configurations
Nessus
| NASL family | Debian Local Security Checks |
| NASL id | DEBIAN_DSA-966.NASL |
| description | Thomas Reifferscheid discovered that adzapper, a proxy advertisement zapper add-on, when installed as plugin in squid, the Internet object cache, can consume a lot of CPU resources and hence cause a denial of service on the proxy host. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 22832 |
| published | 2006-10-14 |
| reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/22832 |
| title | Debian DSA-966-1 : adzapper - denial of service |
References
- http://www.debian.org/security/2006/dsa-966
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350308
- http://adzapper.sourceforge.net/cvslog.html
- http://secunia.com/advisories/18771
- http://secunia.com/advisories/18777
- http://www.securityfocus.com/bid/16558
- http://www.osvdb.org/22900
- http://www.vupen.com/english/advisories/2006/0491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24640
- http://bugs.debian.org/cgi-bin/bugreport.cgi/squid_redirect.diff?bug=350308%3Bmsg=5%3Batt=1