Vulnerabilities > Squid > Squid > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-08 | CVE-2009-0478 | Improper Input Validation vulnerability in Squid Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c. | 5.0 |
| 2007-03-21 | CVE-2007-1560 | Remote Denial of Service vulnerability in Squid Proxy TRACE Request The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error. | 5.0 |
| 2007-01-16 | CVE-2007-0248 | Remote Denial of Service vulnerability in Squid 2.6.Stable6 The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop. | 5.0 |
| 2007-01-16 | CVE-2007-0247 | Resource Management Errors vulnerability in Squid squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions. | 5.0 |
| 2005-10-27 | CVE-2005-3322 | Denial of Service vulnerability in SUSE Linux Squid Proxy SSL Handling Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL). | 5.0 |
| 2005-10-20 | CVE-2005-3258 | Unspecified vulnerability in Squid The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. | 5.0 |
| 2005-09-30 | CVE-2005-2917 | Denial Of Service vulnerability in Squid 2.5.9 Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart). | 5.0 |
| 2005-09-07 | CVE-2005-2796 | Remote Denial Of Service vulnerability in Squid Proxy SSLConnectTimeout The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. | 5.0 |
| 2005-09-07 | CVE-2005-2794 | Remote Denial Of Service vulnerability in Squid Proxy Aborted Requests store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. | 5.0 |
| 2005-05-11 | CVE-2005-1519 | DNS Spoofing vulnerability in Squid Proxy Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups. | 6.4 |