Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0713

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0713
Last Modified 05 Sep 2008 04:28:45
Published 26 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0713

Summary

Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated.

Vulnerable Systems

Application

  • Squid 2.4.stable6


References

CONFIRM - http://www.squid-cache.org/Versions/v2/2.4/bugs/

CONFIRM - http://www.squid-cache.org/Advisories/SQUID-2002_3.txt

MANDRAKE - MDKSA-2002:044

REDHAT - RHSA-2002:130

BUGTRAQ - 20020715 TSLSA-2002-0062 - squid

BID - 5157

BID - 5156

BID - 5155

XF - squid-msnt-helper-bo(9482)

XF - squid-ftp-dir-bo(9481)

XF - squid-gopher-bo(9480)

REDHAT - RHSA-2002:051

CALDERA - CSSA-2002-046.0


Last Updated: 27 May 2016 10:37:02