Vulnerability Name:

CVE-2002-0069 (CCN-8260)

Assigned:2002-02-21
Published:2002-02-21
Updated:2016-10-18
Summary:Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-02:12
multiple security vulnerabilities in squid port

Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-02:12

Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2002-SCO.7
OpenServer: multiple vulnerabilities in squid

Source: CALDERA
Type: UNKNOWN
CSSA-2002-SCO.7

Source: MITRE
Type: CNA
CVE-2002-0069

Source: CONECTIVA
Type: UNKNOWN
CLA-2002:464

Source: BUGTRAQ
Type: UNKNOWN
20020221 Squid HTTP Proxy Security Update Advisory 2002:1

Source: BUGTRAQ
Type: UNKNOWN
20020222 TSLSA-2002-0031 - squid

Source: CCN
Type: RHSA-2002-029
New squid packages available

Source: XF
Type: UNKNOWN
squid-snmp-dos(8260)

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2002:016

Source: CCN
Type: OSVDB ID: 5377
Squid SNMP Memory Leak DoS

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2002:029

Source: BID
Type: UNKNOWN
4146

Source: CCN
Type: BID-4146
Squid Cache SNMP Denial of Service Vulnerability

Source: CCN
Type: Squid Web Proxy Cache Web site
Squid Web Proxy Cache

Source: CCN
Type: Squid Proxy Cache Security Update Advisory SQUID-2002:1
Squid HTTP Proxy Security Update Advisory 2002:1

Source: CONFIRM
Type: Patch
http://www.squid-cache.org/Versions/v2/2.4/bugs/

Source: CCN
Type: Trustix Secure Linux Bugfix Advisory #2002-0031
squid-cron

Source: XF
Type: UNKNOWN
squid-snmp-dos(8260)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:squid:squid:*:*:*:*:*:*:*:* (Version <= 2.4_stable_2)

  • Configuration 2:
  • cpe:/o:redhat:linux:6.2:*:alpha:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:sparc:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.0:*:alpha:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.0:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:alpha:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:ia64:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:ia64:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:squid-cache:squid:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable1:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable2:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:ports_collection:*:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.01:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    squid squid *
    redhat linux 6.2
    redhat linux 6.2
    redhat linux 6.2
    redhat linux 7.0
    redhat linux 7.0
    redhat linux 7.1
    redhat linux 7.1
    redhat linux 7.1
    redhat linux 7.2
    redhat linux 7.2
    squid-cache squid 2.1
    squid-cache squid 2.2
    squid-cache squid 2.4
    squid-cache squid 2.4.stable1
    squid-cache squid 2.3
    squid-cache squid 2.4.stable2
    squid-cache squid 2.4.stable3
    squid-cache squid 2.0
    redhat linux 6.2
    mandrakesoft mandrake linux 7.1
    freebsd ports collection *
    trustix secure linux 1.1
    redhat linux 7
    mandrakesoft mandrake linux 7.2
    mandrakesoft mandrake linux corporate server 1.0.1
    redhat linux 7.1
    trustix secure linux 1.01
    trustix secure linux 1.2
    mandrakesoft mandrake linux 8.0
    mandrakesoft mandrake single network firewall 7.2
    trustix secure linux 1.5
    mandrakesoft mandrake linux 8.1
    redhat linux 7.2
    redhat linux 7.3