CVE-2013-0189

Priority
Description
cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other
versions, allows remote attackers to cause a denial of service (resource
consumption) via a crafted request. NOTE: this issue is due to an
incorrect fix for CVE-2012-5643, possibly involving an incorrect order of
arguments or incorrect comparison.
Notes
sarnoldThe webserver should be configured to restrict access to
cachemgr.cgi; this script shouldn't be exposed to untrusted users
Package
Source: squid (LP Ubuntu Debian)
Upstream:ignored (reached end-of-life)
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
Package
Upstream:released (3.2.7)
Patches:
Upstream:http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
More Information

Updated: 2019-12-05 21:02:03 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)