Vulnerabilities > Squid Cache > Squid > 3.1.0.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-09-11 | CVE-2014-3609 | Improper Input Validation vulnerability in Squid-Cache Squid HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values." | 5.0 |
2014-04-14 | CVE-2014-0128 | Improper Input Validation vulnerability in multiple products Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. | 5.0 |
2011-11-17 | CVE-2011-4096 | Resource Management Errors vulnerability in Squid-Cache Squid The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record. | 5.0 |
2010-09-20 | CVE-2010-3072 | Denial Of Service vulnerability in Squid Proxy String Processing NULL Pointer Dereference The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request. | 5.0 |
2010-02-03 | CVE-2010-0308 | Improper Input Validation vulnerability in Squid-Cache Squid lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header. | 4.0 |