
CVE-2007-0247

Published: 16/01/2007 Updated: 29/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

squid/src/ftp.c in Squid prior to 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.

Vulnerable Product

squid squid 2.6.stable6

squid squid 2.6.stable5

squid squid 2.6.stable4

squid squid 2.6.stable1

squid squid 2.6.stable3

squid squid 2.6.stable2

Vendor Advisories

Debian Bug report logs - #407202
CVE-2007-0248: squid: Denial of Service Vulnerabilities
Package: squid; Maintainer for squid is Luigi Gangitano <luigi@debian.org>; Source for squid is src:squid
Reported by: Alex de Oliveira Silva <enerv@hostsk>
Date: Tue, 16 Jan 2007 21:03:13 UTC
Severity: im ...

David Duncan Ross Palmer and Henrik Nordstrom discovered that squid incorrectly handled special characters in FTP URLs. Remote users with access to squid could crash the server, leading to a denial of service (CVE-2007-0247) ...

Exploits

source: www.securityfocus.com/bid/22079/info

Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. Successfully exploiting this issue allows remote attackers to crash affected proxy applications, denying further service to legitimate users. Squid versions from 2.5.STABLE11 ...