Vulnerabilities > Squid > Squid
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-08 | CVE-2009-0478 | Improper Input Validation vulnerability in Squid Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c. | 5.0 |
| 2007-03-21 | CVE-2007-1560 | Remote Denial of Service vulnerability in Squid Proxy TRACE Request The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error. | 5.0 |
| 2007-01-16 | CVE-2007-0248 | Remote Denial of Service vulnerability in Squid 2.6.Stable6 The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop. | 5.0 |
| 2007-01-16 | CVE-2007-0247 | Resource Management Errors vulnerability in Squid squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions. | 5.0 |
| 2005-10-27 | CVE-2005-3322 | Denial of Service vulnerability in SUSE Linux Squid Proxy SSL Handling Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL). | 5.0 |
| 2005-10-20 | CVE-2005-3258 | Unspecified vulnerability in Squid The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. | 5.0 |
| 2005-09-30 | CVE-2005-2917 | Denial Of Service vulnerability in Squid 2.5.9 Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart). | 5.0 |
| 2005-09-07 | CVE-2005-2796 | Remote Denial Of Service vulnerability in Squid Proxy SSLConnectTimeout The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. | 5.0 |
| 2005-09-07 | CVE-2005-2794 | Remote Denial Of Service vulnerability in Squid Proxy Aborted Requests store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. | 5.0 |
| 2005-05-24 | CVE-2005-1711 | Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected. | 7.5 |