CVE-2013-1839 (GCVE-0-2013-1839)
Vulnerability from cvelistv5
Published
2013-09-30 20:00
Modified
2024-08-06 15:13
Severity ?
Summary
The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.
References
secalert@redhat.comhttp://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
secalert@redhat.comhttp://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html
secalert@redhat.comhttp://secunia.com/advisories/52588Vendor Advisory
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/03/11/7
secalert@redhat.comhttp://www.securityfocus.com/bid/58316
secalert@redhat.comhttp://www.squid-cache.org/Advisories/SQUID-2013_1.txt
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/52588Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/03/11/7
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/58316
af854a3a-2127-422b-91ae-364da2661108http://www.squid-cache.org/Advisories/SQUID-2013_1.txt
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T15:13:33.008Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "58316",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/58316",
               },
               {
                  name: "52588",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/52588",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.squid-cache.org/Advisories/SQUID-2013_1.txt",
               },
               {
                  name: "20130305 Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html",
               },
               {
                  name: "20130307 Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html",
               },
               {
                  name: "[oss-security] 20130311 Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2013/03/11/7",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a \",\" character in an Accept-Language header.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2013-09-30T20:00:00Z",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "58316",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/58316",
            },
            {
               name: "52588",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/52588",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.squid-cache.org/Advisories/SQUID-2013_1.txt",
            },
            {
               name: "20130305 Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html",
            },
            {
               name: "20130307 Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html",
            },
            {
               name: "[oss-security] 20130311 Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2013/03/11/7",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2013-1839",
      datePublished: "2013-09-30T20:00:00Z",
      dateReserved: "2013-02-19T00:00:00Z",
      dateUpdated: "2024-08-06T15:13:33.008Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DFAB3BA-BBE9-4CFB-BE6B-BDF3E7772E7F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9F523B8-463E-4FB0-ACB6-E36AAAF85CD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BA593D9-907D-4051-A3F2-0F88F01A7C79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20D2B364-B98A-4484-A10A-86AF43774096\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B7BF076-0D43-407A-86DC-D1163922A787\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA576F49-A7F5-4013-89DF-F6C91C15B547\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D3F52FE-FFB3-4221-8DC7-3F5680A07429\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"604FEF42-ABA7-42C1-8A5F-C3AECFD68481\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC2568C1-89CB-41C1-9126-A8665614D0B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C18B5392-3FDB-49E6-89DB-7945D337FBFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA9E0E7F-E93C-4DE9-8D91-5EE50BCFAC2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BFF9D8B-343B-415D-8AF8-B07AF94CC48B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F5794B-BBFB-4B12-9A0B-88A0334681C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17D0083E-8D50-4DC6-979F-685D5CB588AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"138FAD73-1D25-4F46-B9EA-599FF0EDA1AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CE34DC1-F654-474E-B6A3-D81B9BF4D6CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A4BF7AC-7D9F-40D8-A5AA-BE1EBF37CF96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"643E8B9B-C3F4-4171-BF67-D9359BDCE5CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A73CBC60-1EF1-4730-9350-EB51F269695B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2721E403-A553-492F-897F-1CD1E2685139\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85B091C4-8104-4A1E-A09D-EBCD114DC829\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA2EDF9C-45AD-4980-8DEF-C7F473B22CAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE4B8448-49FA-491C-A6A2-040233D670B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11480BB1-874C-48EB-BB03-081313310608\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B739890-99E8-434C-97D4-3739E6C31838\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C7B1871-3C85-4B88-AB42-E60BF5CDFB04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A71DCD2-0E54-46A7-8309-CDB0736AD5C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"728DD64E-C267-475A-BEA8-C139581DD7A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CE8F3F5-45A2-418A-9D8E-4E6DFC888BC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F4845D4-40D9-431E-A63C-E949B9D9F959\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EF070E6-0B73-4F6D-8932-B284697FCD2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E07992B-92B4-4307-8DBD-085376C1D6DD\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a \\\",\\\" character in an Accept-Language header.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n strHdrAcptLangGetItem en errorpage.cc de Squid 3.2.x (anteriores a 3.2.9) y 3.3.x (anteriores a 3.3.3) permite a un atacante remoto causar una denegaci\\u00f3n de servicio (bucle infinito y consumo de CPU) a trav\\u00e9s de un caracter \\\",\\\" en la cabecera Accept-Language.\"}]",
         id: "CVE-2013-1839",
         lastModified: "2024-11-21T01:50:29.613",
         metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
         published: "2013-09-30T22:55:04.633",
         references: "[{\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/52588\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2013/03/11/7\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/58316\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.squid-cache.org/Advisories/SQUID-2013_1.txt\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/52588\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2013/03/11/7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/58316\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.squid-cache.org/Advisories/SQUID-2013_1.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
         sourceIdentifier: "secalert@redhat.com",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2013-1839\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-09-30T22:55:04.633\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a \\\",\\\" character in an Accept-Language header.\"},{\"lang\":\"es\",\"value\":\"La función strHdrAcptLangGetItem en errorpage.cc de Squid 3.2.x (anteriores a 3.2.9) y 3.3.x (anteriores a 3.3.3) permite a un atacante remoto causar una denegación de servicio (bucle infinito y consumo de CPU) a través de un caracter \\\",\\\" en la cabecera Accept-Language.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DFAB3BA-BBE9-4CFB-BE6B-BDF3E7772E7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9F523B8-463E-4FB0-ACB6-E36AAAF85CD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BA593D9-907D-4051-A3F2-0F88F01A7C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20D2B364-B98A-4484-A10A-86AF43774096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B7BF076-0D43-407A-86DC-D1163922A787\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA576F49-A7F5-4013-89DF-F6C91C15B547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D3F52FE-FFB3-4221-8DC7-3F5680A07429\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"604FEF42-ABA7-42C1-8A5F-C3AECFD68481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC2568C1-89CB-41C1-9126-A8665614D0B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C18B5392-3FDB-49E6-89DB-7945D337FBFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA9E0E7F-E93C-4DE9-8D91-5EE50BCFAC2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BFF9D8B-343B-415D-8AF8-B07AF94CC48B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F5794B-BBFB-4B12-9A0B-88A0334681C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D0083E-8D50-4DC6-979F-685D5CB588AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"138FAD73-1D25-4F46-B9EA-599FF0EDA1AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CE34DC1-F654-474E-B6A3-D81B9BF4D6CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A4BF7AC-7D9F-40D8-A5AA-BE1EBF37CF96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643E8B9B-C3F4-4171-BF67-D9359BDCE5CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A73CBC60-1EF1-4730-9350-EB51F269695B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2721E403-A553-492F-897F-1CD1E2685139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85B091C4-8104-4A1E-A09D-EBCD114DC829\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA2EDF9C-45AD-4980-8DEF-C7F473B22CAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE4B8448-49FA-491C-A6A2-040233D670B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11480BB1-874C-48EB-BB03-081313310608\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B739890-99E8-434C-97D4-3739E6C31838\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C7B1871-3C85-4B88-AB42-E60BF5CDFB04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A71DCD2-0E54-46A7-8309-CDB0736AD5C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"728DD64E-C267-475A-BEA8-C139581DD7A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CE8F3F5-45A2-418A-9D8E-4E6DFC888BC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F4845D4-40D9-431E-A63C-E949B9D9F959\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EF070E6-0B73-4F6D-8932-B284697FCD2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E07992B-92B4-4307-8DBD-085376C1D6DD\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/52588\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/03/11/7\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/58316\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.squid-cache.org/Advisories/SQUID-2013_1.txt\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/52588\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/03/11/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/58316\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.squid-cache.org/Advisories/SQUID-2013_1.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.