Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-0247

squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.

Published

2007-01-16T18:28:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-399

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	squid	squid	2.6.stable1	Yes
Application	squid	squid	2.6.stable2	Yes
Application	squid	squid	2.6.stable3	Yes
Application	squid	squid	2.6.stable4	Yes
Application	squid	squid	2.6.stable5	Yes
Application	squid	squid	2.6.stable6	Yes

References

http://fedoranews.org/cms/node/2442 ([email protected])
http://osvdb.org/39839 ([email protected])
http://secunia.com/advisories/23767 Vendor Advisory ([email protected])
http://secunia.com/advisories/23805 Vendor Advisory ([email protected])
http://secunia.com/advisories/23810 Vendor Advisory ([email protected])
http://secunia.com/advisories/23837 Vendor Advisory ([email protected])
http://secunia.com/advisories/23889 Vendor Advisory ([email protected])
http://secunia.com/advisories/23921 Vendor Advisory ([email protected])
http://secunia.com/advisories/23946 Vendor Advisory ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2007:026 ([email protected])
http://www.novell.com/linux/security/advisories/2007_12_squid.html ([email protected])
http://www.securityfocus.com/bid/22079 ([email protected])
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12 ([email protected])
http://www.squid-cache.org/bugs/show_bug.cgi?id=1857 ([email protected])
http://www.trustix.org/errata/2007/0003/ ([email protected])
http://www.ubuntu.com/usn/usn-414-1 ([email protected])
http://www.vupen.com/english/advisories/2007/0199 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/31523 ([email protected])
http://fedoranews.org/cms/node/2442 (af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/39839 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23767 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23805 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23810 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23837 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23889 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23921 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23946 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:026 (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2007_12_squid.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/22079 (af854a3a-2127-422b-91ae-364da2661108)
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12 (af854a3a-2127-422b-91ae-364da2661108)
http://www.squid-cache.org/bugs/show_bug.cgi?id=1857 (af854a3a-2127-422b-91ae-364da2661108)
http://www.trustix.org/errata/2007/0003/ (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-414-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/0199 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31523 (af854a3a-2127-422b-91ae-364da2661108)