Описание
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 2.5.12-4ubuntu2.4 |
| devel | DNE | |
| hardy | not-affected | 2.6.18-1ubuntu3 |
| intrepid | released | 2.7.STABLE3-1ubuntu2.2 |
| jaunty | released | 2.7.STABLE3-4.1ubuntu1.1 |
| karmic | released | 2.7.STABLE6-2ubuntu2.1 |
| lucid | not-affected | 2.7.STABLE7-1ubuntu5 |
| maverick | not-affected | 2.7.STABLE7-1ubuntu5 |
| natty | not-affected | 2.7.STABLE7-1ubuntu5 |
| oneiric | not-affected | 2.7.STABLE7-1ubuntu5 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 3.1.6-1.1ubuntu1 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | released | 3.0.STABLE8-3+lenny4build0.9.04.1 |
| karmic | ignored | end of life |
| lucid | not-affected | 3.0.STABLE19-1 |
| maverick | not-affected | 3.1.6-1.1ubuntu1 |
| natty | not-affected | 3.1.6-1.1ubuntu1 |
| oneiric | not-affected | 3.1.6-1.1ubuntu1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allo ...
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
EPSS
5 Medium
CVSS2