Описание
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.
Отчет
This issue did not affect the versions of squid as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they do not provide the vulnerable program "pinger".
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | squid | Not affected | ||
| Red Hat Enterprise Linux 5 | squid | Not affected | ||
| Red Hat Enterprise Linux 6 | squid | Not affected | ||
| Red Hat Enterprise Linux 7 | squid | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
1.8 Low
CVSS2
Связанные уязвимости
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain ...
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.
EPSS
1.8 Low
CVSS2