Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0046

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2006-0046
Last Modified 07 Mar 2011 09:29:13
Published 13 Feb 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0046

Summary

squid_redirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service (CPU consumption) via a URL with a large number of trailing / (forward slashes), which might produce inefficient regular expressions.

Vulnerable Systems

Application

  • Cameron Simpson Adzapper 2006-01-01

  • Cameron Simpson Adzapper 2006-01-05

  • Cameron Simpson Adzapper 2006-01-07

  • Cameron Simpson Adzapper 2006-01-14

  • Cameron Simpson Adzapper 2006-01-15

  • Cameron Simpson Adzapper 2006-01-23

  • Cameron Simpson Adzapper 2006-01-24

  • Cameron Simpson Adzapper 2006-01-25

  • Cameron Simpson Adzapper 2006-01-28

  • Cameron Simpson Adzapper 2006-01-29


References

DEBIAN - DSA-966

SECUNIA - 18777

SECUNIA - 18771

VUPEN - ADV-2006-0491

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350308

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi/squid_redirect.diff?bug=350308;msg=5;att=1

CONFIRM - http://adzapper.sourceforge.net/cvslog.html

XF - adzapper-squid-redirect-dos(24640)

BID - 16558

OSVDB - 22900


Last Updated: 27 May 2016 10:41:30