Squid: >> Squid >> 2.5.stable3 Security Vulnerabilities
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
CVSS Score
5.0
EPSS Score
0.816
Published
2005-02-07
Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).
CVSS Score
5.0
EPSS Score
0.023
Published
2005-01-25
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
CVSS Score
5.0
EPSS Score
0.461
Published
2005-01-15
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.
CVSS Score
5.0
EPSS Score
0.758
Published
2005-01-15
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
CVSS Score
5.0
EPSS Score
0.483
Published
2005-01-11
Page 2