CVE-2010-0639

Severity

50%

Complexity

99%

Confidentiality

48%

Per: http://cwe.mitre.org/data/definitions/476.html 'NULL Pointer Dereference'

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.

Per: http://cwe.mitre.org/data/definitions/476.html 'NULL Pointer Dereference'

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

First reported 15 years ago

2010-02-15 18:30:00

Last updated 14 years ago

2010-08-02 04:00:00

Affected Software

squid-cache.org Squid 2.0

2.0

squid-cache.org Squid 2.1

2.1

squid-cache.org Squid 2.2

2.2

squid-cache.org Squid 2.3

2.3

squid-cache.org Squid 2.4

2.4

squid-cache.org Squid 2.5

2.5

squid-cache.org Squid 2.6

2.6

squid-cache.org Squid 2.7

2.7

squid-cache Squid 2.7 Stable3

2.7

squid-cache Squid 2.7 Stable4

2.7

squid-cache.org Squid 3.0

3.0

squid-cache.org Squid 3.0.stable1

3.0.stable1

squid-cache.org Squid 3.0.stable2

3.0.stable2

squid-cache.org Squid 3.0.stable3

3.0.stable3

squid-cache.org Squid 3.0.stable4

3.0.stable4

squid-cache.org Squid 3.0.stable5

3.0.stable5

squid-cache.org Squid 3.0.stable6

3.0.stable6

squid-cache.org Squid 3.0.stable7

3.0.stable7

squid-cache.org Squid 3.0.stable8

3.0.stable8

squid-cache.org Squid 3.0.stable9

3.0.stable9

squid-cache.org Squid 3.0.stable11

3.0.stable11

squid-cache.org Squid 3.0.stable12

3.0.stable12

squid-cache.org Squid 3.0.stable13

3.0.stable13

squid-cache.org Squid 3.0.stable14

3.0.stable14

squid-cache.org Squid 3.0.stable15

3.0.stable15

squid-cache.org Squid 3.0.stable16

3.0.stable16

squid-cache.org Squid 3.0.stable17

3.0.stable17

squid-cache.org Squid 3.0.stable18

3.0.stable18

squid-cache.org Squid 3.0.stable19

3.0.stable19

squid-cache.org Squid 3.0.stable20

3.0.stable20

squid-cache.org Squid 3.0.stable21

3.0.stable21

squid-cache.org Squid 3.0.stable22

3.0.stable22

squid-cache.org Squid 3.0.stable23

3.0.stable23

References

http://bugs.squid-cache.org/show_bug.cgi?id=2858

FEDORA-2010-3064

FEDORA-2010-2434

62297

38812

Vendor Advisory

38212

1023587

http://www.squid-cache.org/Advisories/SQUID-2010_2.txt

Vendor Advisory

http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch

Patch

http://www.squid-cache.org/Versions/v3/3.0/changesets/3.0-ADV-2010_2.patch

Patch

ADV-2010-0371

Vendor Advisory

ADV-2010-0603

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.