Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2007-6239
Modified
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-04 Dec, 2007 | 18:46
Updated At-23 Apr, 2026 | 00:35

The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
squid
squid
>>squid_web_proxy_cache>>2.0_patch2
cpe:2.3:a:squid:squid_web_proxy_cache:2.0_patch2:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.1_patch2
cpe:2.3:a:squid:squid_web_proxy_cache:2.1_patch2:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.3.stable4
cpe:2.3:a:squid:squid_web_proxy_cache:2.3.stable4:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.3.stable5
cpe:2.3:a:squid:squid_web_proxy_cache:2.3.stable5:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.4_stable2
cpe:2.3:a:squid:squid_web_proxy_cache:2.4_stable2:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.4_stable4
cpe:2.3:a:squid:squid_web_proxy_cache:2.4_stable4:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.4_stable6
cpe:2.3:a:squid:squid_web_proxy_cache:2.4_stable6:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.4_stable7
cpe:2.3:a:squid:squid_web_proxy_cache:2.4_stable7:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5.stable11
cpe:2.3:a:squid:squid_web_proxy_cache:2.5.stable11:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5.stable12
cpe:2.3:a:squid:squid_web_proxy_cache:2.5.stable12:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5.stable13
cpe:2.3:a:squid:squid_web_proxy_cache:2.5.stable13:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5.stable14
cpe:2.3:a:squid:squid_web_proxy_cache:2.5.stable14:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_.stable9
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_.stable9:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_stable1
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable1:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_stable3
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable3:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_stable4
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable4:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_stable5
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable5:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_stable6
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable6:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_stable7
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable7:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_stable8
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable8:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.5_stable10
cpe:2.3:a:squid:squid_web_proxy_cache:2.5_stable10:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6
cpe:2.3:a:squid:squid_web_proxy_cache:2.6:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable1
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable1:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable2
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable2:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable3
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable3:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable4
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable4:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable5
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable5:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable6
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable6:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable7
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable7:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable12
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable12:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable13
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable13:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable14
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable14:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable15
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable15:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>2.6.stable16
cpe:2.3:a:squid:squid_web_proxy_cache:2.6.stable16:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>3.0
cpe:2.3:a:squid:squid_web_proxy_cache:3.0:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>3.0_pre1
cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre1:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>3.0_pre2
cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre2:*:*:*:*:*:*:*
squid
squid
>>squid_web_proxy_cache>>3.0_pre3
cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.gentoo.org/show_bug.cgi?id=201209secalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/27910secalert@redhat.com
Patch
Vendor Advisory
http://secunia.com/advisories/28091secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/28109secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/28350secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/28381secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/28403secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/28412secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/28814secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34467secalert@redhat.com
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200801-05.xmlsecalert@redhat.com
N/A
http://security.gentoo.org/glsa/glsa-200903-38.xmlsecalert@redhat.com
N/A
http://www.debian.org/security/2008/dsa-1482secalert@redhat.com
Patch
http://www.kb.cert.org/vuls/id/232881secalert@redhat.com
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2008:002secalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2007-1130.htmlsecalert@redhat.com
Patch
http://www.securityfocus.com/bid/26687secalert@redhat.com
Patch
http://www.securitytracker.com/id?1019036secalert@redhat.com
N/A
http://www.squid-cache.org/Advisories/SQUID-2007_2.txtsecalert@redhat.com
Patch
Vendor Advisory
http://www.squid-cache.org/Versions/v2/2.6/changesets/11780.patchsecalert@redhat.com
Exploit
Vendor Advisory
http://www.ubuntu.com/usn/usn-565-1secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2007/4066secalert@redhat.com
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=410181secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10915secalert@redhat.com
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00497.htmlsecalert@redhat.com
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00507.htmlsecalert@redhat.com
N/A
http://bugs.gentoo.org/show_bug.cgi?id=201209af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/27910af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/28091af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/28109af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/28350af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/28381af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/28403af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/28412af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/28814af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34467af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200801-05.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-200903-38.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2008/dsa-1482af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.kb.cert.org/vuls/id/232881af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2008:002af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2007-1130.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/26687af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securitytracker.com/id?1019036af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.squid-cache.org/Advisories/SQUID-2007_2.txtaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.squid-cache.org/Versions/v2/2.6/changesets/11780.patchaf854a3a-2127-422b-91ae-364da2661108
Exploit
Vendor Advisory
http://www.ubuntu.com/usn/usn-565-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/4066af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=410181af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10915af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00497.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00507.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=201209
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/27910
Source: secalert@redhat.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28091
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28109
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28350
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28381
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28403
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28412
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28814
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/34467
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200801-05.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200903-38.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2008/dsa-1482
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://www.kb.cert.org/vuls/id/232881
Source: secalert@redhat.com
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:002
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-1130.html
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/26687
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://www.securitytracker.com/id?1019036
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.squid-cache.org/Advisories/SQUID-2007_2.txt
Source: secalert@redhat.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.squid-cache.org/Versions/v2/2.6/changesets/11780.patch
Source: secalert@redhat.com
Resource:
Exploit
Vendor Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-565-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/4066
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=410181
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10915
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00497.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00507.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=201209
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/27910
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28091
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28109
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28350
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28381
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28403
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28412
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28814
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/34467
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200801-05.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200903-38.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2008/dsa-1482
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.kb.cert.org/vuls/id/232881
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:002
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-1130.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/26687
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.securitytracker.com/id?1019036
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.squid-cache.org/Advisories/SQUID-2007_2.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.squid-cache.org/Versions/v2/2.6/changesets/11780.patch
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Vendor Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-565-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/4066
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=410181
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10915
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00497.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00507.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found