PT-2002-1245 · Squid · Squid+1

Published

2002-03-26

Updated

2016-10-18

CVE-2002-0163

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Squid versions prior to 2.4 STABLE4 Squid 2.5 and 2.6 until March 12, 2002 distributions

Description A heap-based buffer overflow issue allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.

Recommendations For Squid versions prior to 2.4 STABLE4, update to version 2.4 STABLE4 or later. For Squid 2.5 and 2.6, ensure the distribution is from after March 12, 2002.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0163

Affected Products

Squid

Squid Cache

PT-2002-1245 · Squid · Squid+1

CVE-2002-0163

Related Identifiers

Affected Products

References · 11