Vulnerabilities > Squid > Squid > 2.5.stable1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-02-07 | CVE-2005-0174 | Remote vulnerability in Squid Proxy Oversize HTTP Headers Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters. | 5.0 |
2005-01-27 | CVE-2004-0918 | Resource Management Errors vulnerability in multiple products The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | 5.0 |
2005-01-25 | CVE-2005-0096 | Remote Denial Of Service vulnerability in Squid Proxy NTLM Fakeauth_Auth Memory Leak Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption). | 5.0 |
2005-01-15 | CVE-2005-0095 | Denial Of Service vulnerability in Squid Proxy Web Cache Communication Protocol The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers. | 5.0 |
2005-01-15 | CVE-2005-0094 | Remote Buffer Overflow vulnerability in Squid Proxy Gopher To HTML Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses. | 5.0 |
2005-01-11 | CVE-2005-0097 | Remote Denial of Service vulnerability in Squid Proxy Malformed NTLM Type 3 Message The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference. | 5.0 |