CVE-2010-3072

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-3072
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047787.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047820.html
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
http://secunia.com/advisories/41298 Vendor Advisory
http://secunia.com/advisories/41477 Vendor Advisory
http://secunia.com/advisories/41534
http://www.debian.org/security/2010/dsa-2111
http://www.openwall.com/lists/oss-security/2010/09/05/2 Patch
http://www.openwall.com/lists/oss-security/2010/09/07/7 Patch
http://www.securityfocus.com/bid/42982
http://www.squid-cache.org/Advisories/SQUID-2010_3.txt Vendor Advisory
http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9189.patch Patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10090.patch Patch
http://www.vupen.com/english/advisories/2010/2433
https://bugzilla.redhat.com/show_bug.cgi?id=630444 Patch
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047787.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047820.html
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
http://secunia.com/advisories/41298 Vendor Advisory
http://secunia.com/advisories/41477 Vendor Advisory
http://secunia.com/advisories/41534
http://www.debian.org/security/2010/dsa-2111
http://www.openwall.com/lists/oss-security/2010/09/05/2 Patch
http://www.openwall.com/lists/oss-security/2010/09/07/7 Patch
http://www.securityfocus.com/bid/42982
http://www.squid-cache.org/Advisories/SQUID-2010_3.txt Vendor Advisory
http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9189.patch Patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10090.patch Patch
http://www.vupen.com/english/advisories/2010/2433
https://bugzilla.redhat.com/show_bug.cgi?id=630444 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:squid-cache:squid:3.0:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable1:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable2:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable3:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable4:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable5:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable6:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable7:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable8:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable9:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable10:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable11:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable11:rc1:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable12:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable13:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable14:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable15:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable16:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable16:rc1:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable17:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable18:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable19:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable20:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable21:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable22:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable23:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable24:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.0.stable25:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:*
History

No history.

Information

Published : 2010-09-20 21:00

Updated : 2025-04-11 00:51

NVD link : CVE-2010-3072

Mitre link : CVE-2010-3072

CVE.ORG link : CVE-2010-3072

JSON object : View

Products Affected

squid-cache

  • squid
CWE
NVD-CWE-Other