CVE-2016-10003

Published: 27/01/2017 Updated: 02/02/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.

Vulnerable Product

squid-cache squid

Vendor Advisories

Squid could be made to expose sensitive information over the network ...
Debian Bug report logs - #848493 squid3: CVE-2016-10002: SQUID-2016:11: Information disclosure in HTTP Request processing Package: src:squid3; Maintainer for src:squid3 is Luigi Gangitano <luigi@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sat, 17 Dec 2016 15:57:04 UTC Severity: grave Tags ...
Debian Bug report logs - #848491 squid3: SQUID-2016:10: Information disclosure in Collapsed Forwarding Package: src:squid3; Maintainer for src:squid3 is Luigi Gangitano <luigi@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sat, 17 Dec 2016 15:51:02 UTC Severity: grave Tags: fixed-upstream, p ...
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients (CVE-2016-10003) ...
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients (CVE-2016-10003) An issue was discovered in Squid before 410 Due to incorrect input validation, the ...