[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2630-1 squid3 -- denial of service

ID: oval:org.secpod.oval:def:600973Date: (C)2013-02-26   (M)2023-02-20
Class: PATCHFamily: unix




Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi: CVE-2012-5643 squid"s cachemgr.cgi was vulnerable to excessive resource use. A remote attacker could exploit this flaw to perform a denial of service attack on the server and other hosted services. CVE-2013-0189 The original patch for CVE-2012-5643 was incomplete. A remote attacker still could exploit this flaw to perform a denial of service attack.

Platform:
Debian 6.0
Product:
squid3
Reference:
DSA-2630-1
CVE-2012-5643
CVE-2013-0189
CVE    2
CVE-2013-0189
CVE-2012-5643
CPE    2
cpe:/a:squid-cache:squid3
cpe:/o:debian:debian_linux:6.0

© SecPod Technologies