Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2007-1560

Published: 21/03/2007 Updated: 11/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The clientProcessRequest() function in src/client_side.c in Squid 2.6 prior to 2.6.STABLE12 allows remote malicious users to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.

Vulnerable Product Search on Vulmon Subscribe to Product

squid squid 2.6.stable1

squid squid 2.6.stable10

squid squid 2.6.stable7

squid squid 2.6.stable8

squid squid 2.6.stable11

squid squid 2.6.stable2

squid squid 2.6.stable9

squid squid 2.6.stable5

squid squid 2.6.stable6

squid squid 2.6.stable3

squid squid 2.6.stable4

Vendor Advisories

Ubuntu Security Notice: squid vulnerability
A flaw was discovered in Squid’s handling of the TRACE request method which could lead to a crash Remote attackers with access to the Squid server could send malicious TRACE requests, and cause a denial of service ...

References

NVD-CWE-noinfohttp://www.squid-cache.org/Advisories/SQUID-2007_1.txthttp://www.squid-cache.org/Versions/v2/2.6/changesets/11349.patchhttp://secunia.com/advisories/24611http://www.securitytracker.com/id?1017805http://secunia.com/advisories/24614http://secunia.com/advisories/24625http://security.gentoo.org/glsa/glsa-200703-27.xmlhttp://secunia.com/advisories/24662http://www.novell.com/linux/security/advisories/2007_5_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0131.htmlhttp://secunia.com/advisories/24911http://www.mandriva.com/security/advisories?name=MDKSA-2007:068http://www.ubuntu.com/usn/usn-441-1http://www.securityfocus.com/bid/23085http://www.vupen.com/english/advisories/2007/1035https://exchange.xforce.ibmcloud.com/vulnerabilities/33124https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10291https://usn.ubuntu.com/441-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228CVE-2024-20361log injectionbypassCVE-2024-4985CVE-2024-35223CVE-2024-29849CVE-2024-31893IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook