CVE-2016-2571

http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
Severity
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Atk. Vector
NETWORK
Atk. Complexity
LOW
Priv. Required
NONE
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
squid-cachesquid
3.0
squid-cachesquid
3.0
squid-cachesquid
3.0
squid-cachesquid
3.0
squid-cachesquid
3.0
squid-cachesquid
3.0
squid-cachesquid
3.0
squid-cachesquid
3.0
squid-cachesquid
3.0
squid-cachesquid
3.0.stable1
squid-cachesquid
3.0.stable2
squid-cachesquid
3.0.stable3
squid-cachesquid
3.0.stable4
squid-cachesquid
3.0.stable5
squid-cachesquid
3.0.stable6
squid-cachesquid
3.0.stable7
squid-cachesquid
3.0.stable8
squid-cachesquid
3.0.stable9
squid-cachesquid
3.0.stable10
squid-cachesquid
3.0.stable11
squid-cachesquid
3.0.stable11
squid-cachesquid
3.0.stable12
squid-cachesquid
3.0.stable13
squid-cachesquid
3.0.stable14
squid-cachesquid
3.0.stable15
squid-cachesquid
3.0.stable16
squid-cachesquid
3.0.stable16
squid-cachesquid
3.0.stable17
squid-cachesquid
3.0.stable18
squid-cachesquid
3.0.stable19
squid-cachesquid
3.0.stable20
squid-cachesquid
3.0.stable21
squid-cachesquid
3.0.stable22
squid-cachesquid
3.0.stable23
squid-cachesquid
3.0.stable24
squid-cachesquid
3.0.stable25
squid-cachesquid
3.1
squid-cachesquid
3.1.0.1
squid-cachesquid
3.1.0.2
squid-cachesquid
3.1.0.3
squid-cachesquid
3.1.0.4
squid-cachesquid
3.1.0.5
squid-cachesquid
3.1.0.6
squid-cachesquid
3.1.0.7
squid-cachesquid
3.1.0.8
squid-cachesquid
3.1.0.9
squid-cachesquid
3.1.0.10
squid-cachesquid
3.1.0.11
squid-cachesquid
3.1.0.12
squid-cachesquid
3.1.0.13
squid-cachesquid
3.1.0.14
squid-cachesquid
3.1.0.15
squid-cachesquid
3.1.0.16
squid-cachesquid
3.1.0.17
squid-cachesquid
3.1.0.18
squid-cachesquid
3.1.1
squid-cachesquid
3.1.2
squid-cachesquid
3.1.3
squid-cachesquid
3.1.4
squid-cachesquid
3.1.5
squid-cachesquid
3.1.5.1
squid-cachesquid
3.1.6
squid-cachesquid
3.1.7
squid-cachesquid
3.1.8
squid-cachesquid
3.1.9
squid-cachesquid
3.1.10
squid-cachesquid
3.1.11
squid-cachesquid
3.1.12
squid-cachesquid
3.1.13
squid-cachesquid
3.1.14
squid-cachesquid
3.1.15
squid-cachesquid
3.2.0.1
squid-cachesquid
3.2.0.2
squid-cachesquid
3.2.0.3
squid-cachesquid
3.2.0.4
squid-cachesquid
3.2.0.5
squid-cachesquid
3.2.0.6
squid-cachesquid
3.2.0.7
squid-cachesquid
3.2.0.8
squid-cachesquid
3.2.0.9
squid-cachesquid
3.2.0.10
squid-cachesquid
3.2.0.11
squid-cachesquid
3.2.0.12
squid-cachesquid
3.2.0.13
squid-cachesquid
3.2.0.14
squid-cachesquid
3.2.0.15
squid-cachesquid
3.2.0.16
squid-cachesquid
3.2.0.17
squid-cachesquid
3.2.0.18
squid-cachesquid
3.2.0.19
squid-cachesquid
3.2.1
squid-cachesquid
3.2.2
squid-cachesquid
3.2.3
squid-cachesquid
3.2.4
squid-cachesquid
3.2.5
squid-cachesquid
3.2.6
squid-cachesquid
3.2.7
squid-cachesquid
3.2.8
squid-cachesquid
3.2.9
squid-cachesquid
3.2.10
squid-cachesquid
3.2.11
squid-cachesquid
3.2.12
squid-cachesquid
3.2.13
squid-cachesquid
3.3.0
squid-cachesquid
3.3.0.2
squid-cachesquid
3.3.0.3
squid-cachesquid
3.3.1
squid-cachesquid
3.3.2
squid-cachesquid
3.3.3
squid-cachesquid
3.3.4
squid-cachesquid
3.3.5
squid-cachesquid
3.3.6
squid-cachesquid
3.3.7
squid-cachesquid
3.3.8
squid-cachesquid
3.3.9
squid-cachesquid
3.3.10
squid-cachesquid
3.3.11
squid-cachesquid
3.3.12
squid-cachesquid
3.3.13
squid-cachesquid
3.4.0.1
squid-cachesquid
3.4.0.2
squid-cachesquid
3.4.0.3
squid-cachesquid
3.4.1
squid-cachesquid
3.4.2
squid-cachesquid
3.4.3
squid-cachesquid
3.4.4
squid-cachesquid
3.4.8
squid-cachesquid
3.4.9
squid-cachesquid
3.4.10
squid-cachesquid
3.4.11
squid-cachesquid
3.4.12
squid-cachesquid
3.4.13
squid-cachesquid
3.5.0.1
squid-cachesquid
3.5.0.2
squid-cachesquid
3.5.0.3
squid-cachesquid
3.5.0.4
squid-cachesquid
3.5.1
squid-cachesquid
4.0.1
squid-cachesquid
4.0.2
squid-cachesquid
4.0.3
squid-cachesquid
4.0.4
squid-cachesquid
4.0.5
squid-cachesquid
4.0.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
squid
bullseye (security)
4.13-10+deb11u3
fixed
bullseye
4.13-10+deb11u3
fixed
bookworm
5.7-2+deb12u2
fixed
bookworm (security)
5.7-2+deb12u2
fixed
sid
6.12-1
fixed
trixie
6.12-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
squid3
artful
not-affected
zesty
ignored
yakkety
ignored
xenial
Fixed 3.5.12-1ubuntu7.5
released
wily
Fixed 3.3.8-1ubuntu16.2
released
trusty
Fixed 3.3.8-1ubuntu6.6
released
precise
Fixed 3.1.19-1ubuntu3.12.04.6
released