Language:
http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
http://www.nessus.org/u?9140f7e2
http://www.nessus.org/u?1e06892d
http://www.squid-cache.org/Versions/v2/HEAD/changesets/12597.patch
Severity: Medium
ID: 44384
File Name: squid_3_0_23.nasl
Version: 1.16
Type: remote
Family: Firewalls
Published: 2/2/2010
Updated: 9/17/2018
Configuration: Enable paranoid mode
Supported Sensors: Nessus
CVSS Score Rationale: The squid-2010_1 advisory mentions that any external server who can determine the squid receiving port can perform the attack, so authentication is set to none.
Risk Factor: Low
Score: 3.6
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2010-0308
CPE: cpe:/a:squid-cache:squid
Required KB Items: www/squid, Settings/ParanoidReport
Exploit Ease: No known exploits are available
Patch Publication Date: 2/1/2010
Vulnerability Publication Date: 1/29/2010
CVE: CVE-2010-0308
BID: 37522