CVE-2010-0639 Information

Feb 14, 2021 cve

Description

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8 and htcp.cc in 3.0 before 3.0.STABLE24 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.

Reference

http://bugs.squid-cache.org/show_bug.cgi?id=2858 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035961.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037159.html http://osvdb.org/62297 http://secunia.com/advisories/38812 http://www.securityfocus.com/bid/38212 http://www.securitytracker.com/id?1023587 http://www.squid-cache.org/Advisories/SQUID-2010_2.txt http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch http://www.squid-cache.org/Versions/v3/3.0/changesets/3.0-ADV-2010_2.patch http://www.vupen.com/english/advisories/2010/0371 http://www.vupen.com/english/advisories/2010/0603

Share on: