Описание
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | released | 2.7.STABLE7-1ubuntu12.6 |
| oneiric | not-affected | binary built from squid3 source |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| upstream | released | 3.2.4, 3.3.0.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.1.20-1ubuntu2 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| oneiric | released | 3.1.14-1ubuntu0.3 |
| precise | released | 3.1.19-1ubuntu3.12.04.2 |
| quantal | released | 3.1.20-1ubuntu1.1 |
| raring | released | 3.1.20-1ubuntu2 |
| upstream | released | 3.2.4, 3.3.0.2 |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials.
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials.
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2. ...
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials.
ELSA-2013-0505: squid security and bug fix update (MODERATE)
5 Medium
CVSS2