Description

The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.

Remediation

References

CVE-2010-0639

Related Vulnerabilities

Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7903)

WordPress Plugin BuddyPress Multiple SQL Injection Vulnerabilities (1.7.1)

WordPress Plugin Online Lesson Booking Multiple Vulnerabilities (0.8.6)

Atlassian Confluence Improper Input Validation Vulnerability (CVE-2018-13389)

Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5690)

Severity

Medium

Classification

CVE-2010-0639

Tags

Missing Update Known Vulnerabilities