Vulnerability Details CVE-2007-0247
squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.386
EPSS Ranking 97.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://fedoranews.org/cms/node/2442
- http://osvdb.org/39839
- http://secunia.com/advisories/23767
- http://secunia.com/advisories/23805
- http://secunia.com/advisories/23810
- http://secunia.com/advisories/23837
- http://secunia.com/advisories/23889
- http://secunia.com/advisories/23921
- http://secunia.com/advisories/23946
- http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:026
- http://www.novell.com/linux/security/advisories/2007_12_squid.html
- http://www.securityfocus.com/bid/22079
- http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12
- http://www.squid-cache.org/bugs/show_bug.cgi?id=1857
- http://www.trustix.org/errata/2007/0003/
- http://www.ubuntu.com/usn/usn-414-1
- http://www.vupen.com/english/advisories/2007/0199
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31523
- http://fedoranews.org/cms/node/2442
- http://osvdb.org/39839
- http://secunia.com/advisories/23767
- http://secunia.com/advisories/23805
- http://secunia.com/advisories/23810
- http://secunia.com/advisories/23837
- http://secunia.com/advisories/23889
- http://secunia.com/advisories/23921
- http://secunia.com/advisories/23946
- http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:026
- http://www.novell.com/linux/security/advisories/2007_12_squid.html
- http://www.securityfocus.com/bid/22079
- http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12
- http://www.squid-cache.org/bugs/show_bug.cgi?id=1857
- http://www.trustix.org/errata/2007/0003/
- http://www.ubuntu.com/usn/usn-414-1
- http://www.vupen.com/english/advisories/2007/0199
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31523
Products affected by CVE-2007-0247
-
cpe:2.3:a:squid:squid:2.6.stable1
-
cpe:2.3:a:squid:squid:2.6.stable2
-
cpe:2.3:a:squid:squid:2.6.stable3
-
cpe:2.3:a:squid:squid:2.6.stable4
-
cpe:2.3:a:squid:squid:2.6.stable5
-
cpe:2.3:a:squid:squid:2.6.stable6