CVE-2010-0639

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:N/I:N/A:P
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
squid-cachesquid
2.0
squid-cachesquid
2.1
squid-cachesquid
2.2
squid-cachesquid
2.3
squid-cachesquid
2.4
squid-cachesquid
2.5
squid-cachesquid
2.6
squid-cachesquid
2.7
squid-cachesquid
2.7
squid-cachesquid
2.7
squid-cachesquid
3.0
squid-cachesquid
3.0.stable1
squid-cachesquid
3.0.stable2
squid-cachesquid
3.0.stable3
squid-cachesquid
3.0.stable4
squid-cachesquid
3.0.stable5
squid-cachesquid
3.0.stable6
squid-cachesquid
3.0.stable7
squid-cachesquid
3.0.stable8
squid-cachesquid
3.0.stable9
squid-cachesquid
3.0.stable11
squid-cachesquid
3.0.stable12
squid-cachesquid
3.0.stable13
squid-cachesquid
3.0.stable14
squid-cachesquid
3.0.stable15
squid-cachesquid
3.0.stable16
squid-cachesquid
3.0.stable17
squid-cachesquid
3.0.stable18
squid-cachesquid
3.0.stable19
squid-cachesquid
3.0.stable20
squid-cachesquid
3.0.stable21
squid-cachesquid
3.0.stable22
squid-cachesquid
3.0.stable23
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
squid
bullseye (security)
4.13-10+deb11u3
fixed
bullseye
4.13-10+deb11u3
fixed
lenny
no-dsa
bookworm
5.7-2+deb12u2
fixed
bookworm (security)
5.7-2+deb12u2
fixed
sid
6.12-1
fixed
trixie
6.12-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
squid
oneiric
Fixed 2.7.STABLE7-1ubuntu6
released
natty
Fixed 2.7.STABLE7-1ubuntu6
released
maverick
Fixed 2.7.STABLE7-1ubuntu6
released
lucid
Fixed 2.7.STABLE7-1ubuntu6
released
karmic
Fixed 2.7.STABLE6-2ubuntu2.2
released
jaunty
Fixed 2.7.STABLE3-4.1ubuntu1.2
released
intrepid
Fixed 2.7.STABLE3-1ubuntu2.3
released
hardy
Fixed 2.6.18-1ubuntu3.2
released
dapper
not-affected
squid3
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
Fixed 3.0.STABLE19-1ubuntu0.2
released
karmic
ignored
jaunty
ignored
intrepid
ignored
hardy
ignored
dapper
dne