Back to search
CVE-2002-0068
Published: Apr 2, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.squid-cache.org/Versions/v2/2.4/bugs/
x_refsource_CONFIRM
CLA-2002:464
vendor-advisory
x_refsource_CONECTIVA
SuSE-SA:2002:008
vendor-advisory
x_refsource_SUSE
MDKSA-2002:016
vendor-advisory
x_refsource_MANDRAKE
20020222 Squid buffer overflow
mailing-list
x_refsource_BUGTRAQ
20020222 TSLSA-2002-0031 - squid
mailing-list
x_refsource_BUGTRAQ
CSSA-2002-SCO.7
vendor-advisory
x_refsource_CALDERA
20020221 Squid HTTP Proxy Security Update Advisory 2002:1
mailing-list
x_refsource_BUGTRAQ
RHSA-2002:029
vendor-advisory
x_refsource_REDHAT
CSSA-2002-010.0
vendor-advisory
x_refsource_CALDERA
5378
vdb-entry
x_refsource_OSVDB
squid-ftpbuildtitleurl-bo(8258)
vdb-entry
x_refsource_XF
4148
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now