Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0832
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and previous versions, with NTLM authentication enabled, allow remote malicious users to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to mem...
Squid Squid
7.5
CVSSv2
CVE-2002-0713
Buffer overflows in Squid prior to 2.4.STABLE6 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP se...
Squid Squid
7.5
CVSSv2
CVE-2002-0714
FTP proxy in Squid prior to 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote malicious users to bypass firewall rules or spoof FTP server responses.
Squid Squid
5
CVSSv2
CVE-2002-0715
Vulnerability in Squid prior to 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password.
Squid Squid
7.5
CVSSv2
CVE-2002-0163
Heap-based buffer overflow in Squid prior to 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote malicious users to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.
Squid Squid
1 EDB exploit
4.3
CVSSv2
CVE-2015-0881
CRLF injection vulnerability in Squid prior to 3.1.1 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.
Squid-cache Squid
NA
CVE-2024-23638
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pag...
Squid-cache Squid
NA
CVE-2023-49285
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no kno...
Squid-cache Squid
4
CVSSv2
CVE-2020-14059
An issue exists in Squid 5.x prior to 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.
Squid-cache Squid
4.3
CVSSv2
CVE-2018-19131
Squid prior to 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
Squid-cache Squid
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »