Squid < 2.6.STABLE7 Multiple Remote DoS

medium Nessus Plugin ID 24870

Synopsis

The remote proxy server is affected by multiple denial of service vulnerabilities.

Description

Two vulnerabilities have been reported in Squid, which can be exploited by malicious people to cause a denial of service.

Solution

Upgrade to squid 2.6.STABLE7 or newer.

See Also

http://www.nessus.org/u?69b56cc5

Plugin Details

Severity: Medium

ID: 24870

File Name: squid_cdos.nasl

Version: 1.18

Type: remote

Family: Firewalls

Published: 3/20/2007

Updated: 6/12/2020

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:squid-cache:squid

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/11/2006

Reference Information

CVE: CVE-2007-0247, CVE-2007-0248

BID: 22079, 22203

CWE: 399