Oval Definition:oval:org.mitre.oval:tst:30954
Comment:squid is earlier than 7:2.5.STABLE3-6.3E.7
Type:rpminfo_testNamespace:linux
Check_Existence:at_least_one_existsCheck:at least one
State Operator:AND
References
Object:oval:org.mitre.oval:obj:14403
State:oval:org.mitre.oval:ste:9193
Referencing Definitions
Definition IDClassTitleLast Modified
oval:org.mitre.oval:def:9573
V
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
2013-04-29
oval:org.mitre.oval:def:10233
V
Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).
2013-04-29
oval:org.mitre.oval:def:10251
V
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
2013-04-29
oval:org.mitre.oval:def:10269
V
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.
2013-04-29
oval:org.mitre.oval:def:10656
V
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters.
2013-04-29
oval:org.mitre.oval:def:10998
V
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
2013-04-29
oval:org.mitre.oval:def:11146
V
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
2013-04-29
oval:org.mitre.oval:def:11605
V
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
2013-04-29
oval:org.mitre.oval:def:11646
V
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
2013-04-29
BACK