| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-0718 | 5.0 |
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.
|
03-10-2018 - 21:29 | 14-04-2005 - 04:00 | |
| CVE-2005-0626 | 2.6 |
Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.
|
03-10-2018 - 21:29 | 08-03-2005 - 05:00 | |
| CVE-1999-0710 | 7.5 |
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
|
03-05-2018 - 01:29 | 25-07-1999 - 04:00 | |
| CVE-2005-1519 | 6.4 |
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
|
11-10-2017 - 01:30 | 11-05-2005 - 04:00 | |
| CVE-2005-1345 | 7.5 |
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
|
11-10-2017 - 01:30 | 02-05-2005 - 04:00 |