Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1000024

Опубликовано: 09 фев. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.

РелизСтатусПримечание
artful

released

3.5.23-5ubuntu1.1
bionic

released

3.5.23-5ubuntu2
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [3.3.8-1ubuntu6.11]]
esm-infra/bionic

released

3.5.23-5ubuntu2
esm-infra/xenial

released

3.5.12-1ubuntu7.5
precise/esm

not-affected

3.1.19-1ubuntu3.12.04.9
trusty

released

3.3.8-1ubuntu6.11

Показывать по

Ссылки на источники

EPSS

Процентиль: 93%
0.09656
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-1000024

CVSS3: 7.4
redhat
почти 8 лет назад

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.

nvd логотип

CVE-2018-1000024

CVSS3: 7.5
nvd
почти 8 лет назад

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.

debian логотип

CVE-2018-1000024

CVSS3: 7.5
debian
почти 8 лет назад

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to ...

github логотип

GHSA-gh8j-c69q-gf38

CVSS3: 7.5
github
больше 3 лет назад

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.

suse-cvrf логотип

openSUSE-SU-2018:0647-1

suse-cvrf
почти 8 лет назад

Security update for squid

EPSS

Процентиль: 93%
0.09656
Низкий

5 Medium

CVSS2

7.5 High

CVSS3