Computer Security
[EN] securityvulns.ru no-pyccku


Multiple Squid cache proxy security vulnerability
Published:17.01.2007
Source:
SecurityVulns ID:7061
Type:remote
Threat Level:
6/10
Description:external_acl queue infinite loop, FTP client code DoS on parsing FTP server listing.
Affected:SQUID : Squid 2.6
CVE:CVE-2007-0248 (The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.)
 CVE-2007-0247 (squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod