ID |
CVE-2002-0068
|
Summary |
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*
cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*
-
cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*
|
CVSS |
Base: | 7.5 (as of 18-10-2016 - 02:15) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
redhat
via4
|
|
refmap
via4
|
bid | 4148 | bugtraq | - 20020221 Squid HTTP Proxy Security Update Advisory 2002:1
- 20020222 Squid buffer overflow
- 20020222 TSLSA-2002-0031 - squid
| caldera | - CSSA-2002-010.0
- CSSA-2002-SCO.7
| conectiva | CLA-2002:464 | confirm | http://www.squid-cache.org/Versions/v2/2.4/bugs/ | freebsd | FreeBSD-SA-02:12 | mandrake | MDKSA-2002:016 | osvdb | 5378 | suse | SuSE-SA:2002:008 | xf | squid-ftpbuildtitleurl-bo(8258) |
|
Last major update |
18-10-2016 - 02:15 |
Published |
08-03-2002 - 05:00 |
Last modified |
18-10-2016 - 02:15 |