Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid squid web proxy cache 3.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v...
Squid-cache Squid
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
NA
CVE-2012-5643
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x prior to 3.1.22, 3.2.x prior to 3.2.4, and 3.3.x prior to 3.3.0.2 allow remote malicious users to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST r...
Squid-cache Squid 2.6
Squid-cache Squid 2.0
Squid-cache Squid 2.7
Squid-cache Squid 2.2
Squid-cache Squid 2.3
Squid-cache Squid 2.5
Squid-cache Squid 2.1
Squid-cache Squid 2.4
Squid-cache Squid 3.1.0.18
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.1.21
Squid-cache Squid 3.0
Squid-cache Squid 3.0.stable9
Squid-cache Squid 3.1.13
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.14
Squid-cache Squid 3.0.stable4
Squid-cache Squid 3.1.0.12
NA
CVE-2011-3205
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 prior to 3.0.STABLE26, 3.1 prior to 3.1.15, and 3.2 prior to 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly hav...
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.0.stable9
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.0.stable4
Squid-cache Squid 3.0.stable24
Squid-cache Squid 3.0.stable16
Squid-cache Squid 3.0.stable11
Squid-cache Squid 3.0.stable18
Squid-cache Squid 3.0.stable1
Squid-cache Squid 3.0.stable6
Squid-cache Squid 3.0.stable15
Squid-cache Squid 3.0.stable5
Squid-cache Squid 3.0.stable21
Squid-cache Squid 3.0.stable17
Squid-cache Squid 3.0.stable10
Squid-cache Squid 3.0.stable8
Squid-cache Squid 3.0.stable12
Squid-cache Squid 3.0.stable25
Squid-cache Squid 3.0.stable23
Squid-cache Squid 3.0.stable22
NA
CVE-2010-3072
The string-comparison functions in String.cci in Squid 3.x prior to 3.1.8 and 3.2.x prior to 3.2.0.2 allow remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
Squid-cache Squid 3.1.0.18
Squid-cache Squid 3.0.stable13
Squid-cache Squid 3.0.stable9
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.14
Squid-cache Squid 3.0.stable4
Squid-cache Squid 3.1.0.12
Squid-cache Squid 3.1.1
Squid-cache Squid 3.0.stable24
Squid-cache Squid 3.1.0.3
Squid-cache Squid 3.1.0.1
Squid-cache Squid 3.0.stable16
Squid-cache Squid 3.0.stable11
Squid-cache Squid 3.0.stable18
Squid-cache Squid 3.0.stable1
Squid-cache Squid 3.1.6
Squid-cache Squid 3.1.0.9
Squid-cache Squid 3.1.0.15
Squid-cache Squid 3.0.stable6
NA
CVE-2010-0308
lib/rfc1035.c in Squid 2.x, 3.0 up to and including 3.0.STABLE22, and 3.1 up to and including 3.1.0.15 allows remote malicious users to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
Squid-cache Squid 3.0.stable13
Squid-cache Squid 2.6
Squid-cache Squid 3.0.stable9
Squid-cache Squid 2.0
Squid-cache Squid 3.0.stable20
Squid-cache Squid 3.0.stable14
Squid-cache Squid 3.0.stable3
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.14
Squid-cache Squid 3.0.stable4
Squid-cache Squid 3.1.0.12
Squid-cache Squid 2.2
Squid-cache Squid 3.1.0.3
Squid-cache Squid 3.1.0.1
Squid-cache Squid 3.0.stable16
Squid-cache Squid 2.3
Squid-cache Squid 3.0.stable18
Squid-cache Squid 3.0.stable1
Squid-cache Squid 3.1.0.9
Squid-cache Squid 3.1.0.15
Squid-cache Squid 3.0.stable6
Squid-cache Squid 3.1.0.13
NA
CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote malicious users to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
Squid-cache Squid 2.7
NA
CVE-2009-0801
Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote malicious users to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted ...
Squid Squid Web Proxy Cache 3.0 Stable6
Squid Squid Web Proxy Cache 2.7.stable6
Squid Squid Web Proxy Cache 3.0 Stable7
Squid Squid Web Proxy Cache 2.7.stable5
Squid Squid Web Proxy Cache 3.0 Stable5
Squid Squid Web Proxy Cache 3.0 Stable13
Squid Squid Web Proxy Cache 3.0 Stable4
Squid Squid Web Proxy Cache 3.0 Stable3
Squid Squid Web Proxy Cache 2.7
Squid Squid Web Proxy Cache 3.0 Pre2
Squid Squid Web Proxy Cache 3.0 Stable12
Squid Squid Web Proxy Cache 3.0 Stable1
Squid Squid Web Proxy Cache 3.0 Pre1
Squid Squid Web Proxy Cache 3.0 Pre3
Squid Squid Web Proxy Cache 3.0
Squid Squid Web Proxy Cache 3.0 Stable2
7 Github repositories
NA
CVE-2009-0478
Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote malicious users to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.
Squid Squid 3.0.stable8
Squid Squid 3.0.stable9
Squid Squid 3.1.0.2
Squid Squid 2.7.stable3
Squid Squid 3.0.stable3
Squid Squid 3.1
Squid Squid 3.0.stable1
Squid Squid 3.0.stable10
Squid Squid 3.0.stable12
Squid Squid 2.7.stable4
Squid Squid 3.0.stable7
Squid Squid 2.7.stable5
Squid Squid 3.0.stable6
Squid Squid 2.7.stable2
Squid Squid 3.1.0.1
Squid Squid 3.0.stable2
Squid Squid 3.0.stable4
Squid Squid 3.0.stable11
Squid Squid 2.7.stable1
Squid Squid 3.0.stable5
Squid Squid 3.1.0.3
Squid Squid 3.1.0.4
1 EDB exploit
NA
CVE-2007-6239
The "cache update reply processing" functionality in Squid 2.x prior to 2.6.STABLE17 and Squid 3.0 allows remote malicious users to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.
Squid Squid Web Proxy Cache 2.4 Stable2
Squid Squid Web Proxy Cache 2.5.stable11
Squid Squid Web Proxy Cache 2.5 Stable10
Squid Squid Web Proxy Cache 2.5 Stable3
Squid Squid Web Proxy Cache 2.5 .stable9
Squid Squid Web Proxy Cache 2.6.stable12
Squid Squid Web Proxy Cache 2.3.stable4
Squid Squid Web Proxy Cache 2.1 Patch2
Squid Squid Web Proxy Cache 2.6.stable2
Squid Squid Web Proxy Cache 2.6.stable13
Squid Squid Web Proxy Cache 2.5.stable14
Squid Squid Web Proxy Cache 2.6.stable3
Squid Squid Web Proxy Cache 2.6.stable14
Squid Squid Web Proxy Cache 2.0 Patch2
Squid Squid Web Proxy Cache 2.6.stable16
Squid Squid Web Proxy Cache 2.6.stable1
Squid Squid Web Proxy Cache 2.5 Stable4
Squid Squid Web Proxy Cache 2.5 Stable1
Squid Squid Web Proxy Cache 2.5 Stable6
Squid Squid Web Proxy Cache 2.6
Squid Squid Web Proxy Cache 3.0 Pre2
Squid Squid Web Proxy Cache 2.5 Stable7
NA
CVE-2005-0211
Buffer overflow in wccp.c in Squid 2.5 prior to 2.5.STABLE7 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.
Squid-cache Squid 2.5.stable6
Squid-cache Squid 2.5.stable4
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable5
Squid-cache Squid 2.5.stable3
Squid-cache Squid 2.5.stable1
Debian Debian Linux 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »