Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2009-2855

Опубликовано: 18 авг. 2009
Источник: debian
EPSS Средний

Описание

The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
squidfixed2.7.STABLE7-1package
squid3fixed3.0.STABLE19-1package

EPSS

Процентиль: 98%
0.60658
Средний

Связанные уязвимости

ubuntu логотип

CVE-2009-2855

ubuntu
почти 16 лет назад

The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.

redhat логотип

CVE-2009-2855

redhat
почти 16 лет назад

The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.

nvd логотип

CVE-2009-2855

nvd
почти 16 лет назад

The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.

github логотип

GHSA-7hrp-6jq3-pm4q

github
около 3 лет назад

The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.

oracle-oval логотип

ELSA-2010-0221

oracle-oval
около 15 лет назад

ELSA-2010-0221: squid security and bug fix update (LOW)

EPSS

Процентиль: 98%
0.60658
Средний