CVE-2010-0639
Published Feb 15, 2010
Last updated 14 years ago
Overview
- Description
- The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per: http://cwe.mitre.org/data/definitions/476.html 'NULL Pointer Dereference'
- Impact
- -
- Solution
- -
Vendor comments
- Red HatNot vulnerable. This issue did not affect the versions of squid as shipped with Red Hat Enterprise Linux 3, 4, or 5. Those versions are not compiled with the support for HTCP protocol.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7EB3DBC-313E-4F55-90F3-BED0918A4EFE"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3DCC264-510E-43D1-9C13-99CEA54C7940"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED31C038-4142-4C2C-B540-9223C5C199FB"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "177060A9-6211-4B6D-96BE-48B4BD1FAFEE"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7E210DD-8EE6-4182-A78E-F791FCFDEFCF"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50327E36-756E-434D-804D-1E44A4ABAE1F"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AE100C3-0245-4305-B514-77D0572C2947"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35C30CB9-FA3A-408D-A8B0-8805E75657BE"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A03692DD-779F-4E3C-861C-29943870A816"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79FF6B3C-A3CE-4AA2-80F9-44D05A6B2F08"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62B9F669-6217-498A-902E-22EDEEFC565E"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "047EDDD6-02F5-4B53-8FCA-781962392080"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01AD43AB-40BF-449F-A121-A8587E7AE449"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3942285D-E20C-45C5-9EF8-821F6D782CB8"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3FDB45B-4D91-4427-9565-812919086E7E"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86C3C8B5-C2A3-4454-9F89-38A860278366"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B37B7B4-2EAC-4C2A-9526-5C62CBA1DB8B"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "056EDEEE-A09C-47A2-9217-72E4B8387E00"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2593CB12-03E2-4F98-9B89-C09D5EADE077"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A44B7A4F-3070-4092-B9AF-3A1CD0897CC7"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "042FE60B-7239-45C7-8EE3-A036AC7778F8"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADF61A74-9CF9-413E-B997-4FAE5BA28939"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5605B00F-438B-45CC-A55D-E75E57BC4684"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8316B22E-B016-4F0E-9A3F-383E9B1A85A4"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49A2C5CB-E2F1-4A72-9EA3-912050AFEF7F"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "574C7DCC-B6E5-42A0-AA44-A0BCD67D1884"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2B1F1A5-B435-4A5C-86DF-EC3F29D94417"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "113EF7A6-3B8D-4A50-8873-FD36FCBF284C"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC97E2DA-7378-486B-9178-3B38FF58589B"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F178890-2F7E-43F5-8D6D-5EFCD790E758"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FA231EB-0F06-4D13-B50D-76FC8393187A"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31AB1D33-65EE-46DF-9D29-6B2BFACE7EC8"
},
{
"criteria": "cpe:2.3:a:squid-cache:squid:3.0.stable23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDA4744F-5FB2-4DF8-A7B9-A33EAB004CBA"
}
],
"operator": "OR"
}
]
}
]