Search CVE reports
121 – 130 of 139 results
CVE-2005-1519
Unknown prioritySquid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-1345
Unknown prioritySquid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-0446
Unknown prioritySquid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger...
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-0241
Unknown priorityThe httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or...
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-0211
Unknown priorityBuffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an...
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-0194
Unknown prioritySquid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers...
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-0173
Unknown prioritysquid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-0718
Unknown prioritySquid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-0626
Unknown priorityRace condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the...
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |
CVE-2005-0175
Unknown prioritySquid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
1 affected packages
squid
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
squid | — | — | — | — | — |