ByteOS Network

NVD Vulnerability Details :

CVE-2007-0248

Modified

Source-cve@mitre.org

Published At-16 Jan, 2007 | 18:28

Updated At-23 Apr, 2026 | 00:35

The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P

Type: Primary

Version: 2.0

Base score: 5.0

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

squid>>squid>>2.6.stable6

cpe:2.3:a:squid:squid:2.6.stable6:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

Vendor Statements

Organization : Red Hat

Last Modified : 2007-07-26T00:00:00

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. This issue did not affect the versions of Squid as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.

References

Hyperlink	Source	Resource
http://secunia.com/advisories/23767	cve@mitre.org	Patch Vendor Advisory
http://secunia.com/advisories/23805	cve@mitre.org	N/A
http://secunia.com/advisories/23889	cve@mitre.org	N/A
http://secunia.com/advisories/23921	cve@mitre.org	N/A
http://secunia.com/advisories/23946	cve@mitre.org	N/A
http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml	cve@mitre.org	N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:026	cve@mitre.org	N/A
http://www.novell.com/linux/security/advisories/2007_12_squid.html	cve@mitre.org	N/A
http://www.securityfocus.com/bid/22203	cve@mitre.org	N/A
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12	cve@mitre.org	N/A
http://www.squid-cache.org/bugs/show_bug.cgi?id=1848	cve@mitre.org	N/A
http://www.ubuntu.com/usn/usn-414-1	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/0199	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/31525	cve@mitre.org	N/A
http://secunia.com/advisories/23767	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://secunia.com/advisories/23805	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/23889	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/23921	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/23946	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:026	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.novell.com/linux/security/advisories/2007_12_squid.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/22203	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.squid-cache.org/bugs/show_bug.cgi?id=1848	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.ubuntu.com/usn/usn-414-1	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2007/0199	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/31525	af854a3a-2127-422b-91ae-364da2661108	N/A