| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-0718 | 5.0 |
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.
|
03-10-2018 - 21:29 | 14-04-2005 - 04:00 | |
| CVE-2005-0626 | 2.6 |
Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.
|
03-10-2018 - 21:29 | 08-03-2005 - 05:00 | |
| CVE-1999-0710 | 7.5 |
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
|
03-05-2018 - 01:29 | 25-07-1999 - 04:00 | |
| CVE-2005-1519 | 6.4 |
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
|
11-10-2017 - 01:30 | 11-05-2005 - 04:00 | |
| CVE-2005-2794 | 5.0 |
store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
|
11-10-2017 - 01:30 | 07-09-2005 - 18:03 | |
| CVE-2005-2796 | 5.0 |
The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.
|
11-10-2017 - 01:30 | 07-09-2005 - 18:03 | |
| CVE-2005-1345 | 7.5 |
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
|
11-10-2017 - 01:30 | 02-05-2005 - 04:00 | |
| CVE-2005-2917 | 5.0 |
Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
|
11-10-2017 - 01:30 | 30-09-2005 - 18:05 | |
| CVE-2004-2479 | 5.0 |
Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 | |
| CVE-2004-0832 | 5.0 |
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be
|
11-10-2017 - 01:29 | 03-11-2004 - 05:00 |