Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6239

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6239
Last Modified 07 Mar 2011 12:00:00
Published 04 Dec 2007 01:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6239

Summary

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.

Vulnerable Systems

Application

  • Squid Web Proxy Cache 2.0 Patch2

  • Squid Web Proxy Cache 2.1 Patch2

  • Squid Web Proxy Cache 2.3.stable4

  • Squid Web Proxy Cache 2.3.stable5

  • Squid Web Proxy Cache 2.4 Stable2

  • Squid Web Proxy Cache 2.4 Stable4

  • Squid Web Proxy Cache 2.4 Stable6

  • Squid Web Proxy Cache 2.4 Stable7

  • Squid Web Proxy Cache 2.5 .stable9

  • Squid Web Proxy Cache 2.5 Stable1

  • Squid Web Proxy Cache 2.5 Stable10

  • Squid Web Proxy Cache 2.5 Stable3

  • Squid Web Proxy Cache 2.5 Stable4

  • Squid Web Proxy Cache 2.5 Stable5

  • Squid Web Proxy Cache 2.5 Stable6

  • Squid Web Proxy Cache 2.5 Stable7

  • Squid Web Proxy Cache 2.5 Stable8

  • Squid Web Proxy Cache 2.5.stable11

  • Squid Web Proxy Cache 2.5.stable12

  • Squid Web Proxy Cache 2.5.stable13

  • Squid Web Proxy Cache 2.5.stable14

  • Squid Web Proxy Cache 2.6

  • Squid Web Proxy Cache 2.6.stable1

  • Squid Web Proxy Cache 2.6.stable12

  • Squid Web Proxy Cache 2.6.stable13

  • Squid Web Proxy Cache 2.6.stable14

  • Squid Web Proxy Cache 2.6.stable15

  • Squid Web Proxy Cache 2.6.stable16

  • Squid Web Proxy Cache 2.6.stable2

  • Squid Web Proxy Cache 2.6.stable3

  • Squid Web Proxy Cache 2.6.stable4

  • Squid Web Proxy Cache 2.6.stable5

  • Squid Web Proxy Cache 2.6.stable6

  • Squid Web Proxy Cache 2.6.stable7

  • Squid Web Proxy Cache 3.0

  • Squid Web Proxy Cache 3.0 Pre1

  • Squid Web Proxy Cache 3.0 Pre2

  • Squid Web Proxy Cache 3.0 Pre3


References

CERT-VN - VU#232881

CONFIRM - http://www.squid-cache.org/Advisories/SQUID-2007_2.txt

BID - 26687

REDHAT - RHSA-2007:1130

DEBIAN - DSA-1482

SECUNIA - 27910

FEDORA - FEDORA-2007-4161

FEDORA - FEDORA-2007-4170

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=410181

VUPEN - ADV-2007-4066

UBUNTU - USN-565-1

CONFIRM - http://www.squid-cache.org/Versions/v2/2.6/changesets/11780.patch

SECTRACK - 1019036

MANDRIVA - MDVSA-2008:002

GENTOO - GLSA-200903-38

GENTOO - GLSA-200801-05

SECUNIA - 34467

SECUNIA - 28814

SECUNIA - 28412

SECUNIA - 28403

SECUNIA - 28381

SECUNIA - 28350

SECUNIA - 28109

SECUNIA - 28091

SUSE - SUSE-SR:2008:001

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=201209

Related Patches

Red Hat 2007:1130-04 RHSA Moderate: squid security update for RHEL 5 x86


Last Updated: 27 May 2016 10:46:25