CVE-2007-0248

NONE EPSS 93.1%
Published Jan 16, 200719y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 16, 2007 19y ago
Last Modified Jun 16, 2026 2w ago

Description

The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.

Threat Intelligence

EPSS Exploit Probability
93.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 1

VendorProductVersionRange
squidsquid2.6.stable6any

References 14

  • secunia.com http://secunia.com/advisories/23767
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/23805
  • secunia.com http://secunia.com/advisories/23889
  • secunia.com http://secunia.com/advisories/23921
  • secunia.com http://secunia.com/advisories/23946
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:026
  • novell.com http://www.novell.com/linux/security/advisories/2007_12_squid.html
  • securityfocus.com http://www.securityfocus.com/bid/22203
  • squid-cache.org http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12
  • squid-cache.org http://www.squid-cache.org/bugs/show_bug.cgi?id=1848
  • ubuntu.com http://www.ubuntu.com/usn/usn-414-1
  • vupen.com http://www.vupen.com/english/advisories/2007/0199
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/31525

Remediation

  • secunia.com http://secunia.com/advisories/23767
    PatchVendor Advisory