CVE-2007-6239

Published Dec 4, 2007
Last updated 7 years ago
CVSS info 5.0
Overview

Description: The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.0_patch2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CE151E1-625E-410C-9D10-714608A00C4C"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.1_patch2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10021E5F-160D-40C0-9435-502B8A404B47"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.3.stable4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43BF62E2-3282-4BB2-8E24-6329BF16C883"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.3.stable5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2D3DD39-D60E-43C6-96B5-EA86B4885640"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.4_stable2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2E1146A-A6BB-4DDA-930B-060CFA1C8B6C"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.4_stable4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3546493-F93A-4CF1-B7AA-B37DB7166B84"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.4_stable6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5913E09-1A69-4677-A307-CB320927CB0B"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.4_stable7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BEAAD41-FD2D-4DE1-A40E-26833E8F4ECB"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5.stable11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBC75D2D-2A15-4492-B729-52D12FD50DB7"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5.stable12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BE7D9F6-77BE-468C-8F2B-1DA98FC71E0A"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5.stable13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AE5D91A-3202-4045-8A83-0EBAA1739D9B"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5.stable14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06DDCB94-4671-4CEB-88DB-0D5C9375A310"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_.stable9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "102085F4-9D6A-4E87-8051-80ACD69292B7"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "391FF335-04EA-4DA4-96EA-5A910C0F803D"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8597FD93-C245-4943-B388-94A799810773"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFD66C94-F045-4D8D-A961-4CC0F627382F"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA6AB869-FA31-4A78-ABA8-2F244A6B5872"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E58DC55D-12A1-473F-AC99-16978035C7B3"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F49FAF5-35D9-4998-9CD8-703C605D1CD6"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A66778-B985-4CE6-B632-4CE3C7A86593"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AD70CCF-DEC6-4CA7-AB43-7982AACE2433"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41CD3384-FC1E-4C33-98C3-C4227D1F5C41"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E8C9587-677C-47D9-B5BB-0A4FDCA76D57"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1254E804-CDA6-4BD3-BE42-2198CB9172A9"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03163ECC-AE3F-4CE1-B4F6-8C1A0AA12582"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8999DFD-0C34-4C7C-8E5F-683F30E4A26D"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79E283CF-F51A-4E4C-9B64-9A0C5ED8A3E2"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21BC9D9D-7C00-4EE7-BDE3-A60753AD644B"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0608AFE2-536F-4938-BEBF-C22DB1C1F1DE"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83E25A57-0BA7-403E-BC38-2E4362D9A4A0"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CE6F519-C79E-4558-BE4E-1E2C1C9DC40F"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39B6EC86-89E8-43DF-8797-5700FCE97FFE"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A41A3768-68F8-4A32-A701-0E062B746666"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AF6506B-7CFA-437D-A62A-D92A6C6A9C01"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18A99A70-46CE-4F1F-BC50-A9A32DBB511E"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64F8F1B9-A281-47C0-88EB-417A6A5B9F00"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EECA433-3770-4ADE-8962-181FCC3590E2"
          },
          {
            "criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28613D22-9E8B-4231-9AC9-523D506A200A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
