CVE-2013-0189
Squid 3.1.x-3.2.x - Denial of Service via Crafted cachemgr.cgi Request
Title source: llmDescription
cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or incorrect comparison.
References (18)
Core 18
Core References
Patch x_refsource_misc
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2013/dsa-2631
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:129
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1713-1
Various Sources x_refsource_confirm
http://bazaar.launchpad.net/~squid/squid/3.2/revision/11744
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
Third Party Advisory x_refsource_confirm
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0029
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=887962#c9
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-09/msg00032.html
Patch x_refsource_misc
http://www.squid-cache.org/Versions/v3/3.2/changesets/SQUID-2012_1.patch
Patch mailing-list
x_refsource_mlist
http://lists.fedoraproject.org/pipermail/scm-commits/2013-January/934637.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/52024
Various Sources x_refsource_confirm
http://bazaar.launchpad.net/~squid/squid/3.2/revision/11743
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/54839
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/57646
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-09/msg00025.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=895972
Scores
EPSS
0.2303
EPSS Percentile
97.5%
Details
CWE
CWE-119
Status
published
Products (50)
canonical/ubuntu_linux
10.04
canonical/ubuntu_linux
11.10
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
12.10
squid-cache/squid
3.1
squid-cache/squid
3.1.0.1
squid-cache/squid
3.1.0.2
squid-cache/squid
3.1.0.3
squid-cache/squid
3.1.0.4
squid-cache/squid
3.1.0.5
... and 40 more
Published
Feb 08, 2013
Tracked Since
Feb 18, 2026