Launchpad CVE tracker

CVE 2012-5643

Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials.

Related bugs and status

CVE-2012-5643 (Candidate) is related to these bugs:

Bug #730501: eCAP support

Summary				In	Importance	Status
	730501	eCAP support		squid3 (Ubuntu)	Wishlist	Fix Released

Bug #1117517: FTBFS on raring

Summary				In	Importance	Status
	1117517	FTBFS on raring		squid3 (Ubuntu)	High	Fix Released

Bug #1194310: cachemgr.cgi crashes after login

Summary				In	Importance	Status
	1194310	cachemgr.cgi crashes after login		squid3 (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securitytra...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.debian.org/...
MISC: http://www.mandriva.co...
MISC: https://bugzilla.redha...
MISC: http://rhn.redhat.com/...
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....
MISC: http://ubuntu.com/usn/...
MISC: http://openwall.com/li...
MISC: http://www.squid-cache...
MISC: http://www.squid-cache...
MISC: http://www.squid-cache...
MISC: https://bugs.gentoo.or...
MISC: https://wiki.mageia.or...
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....

Launchpad.net

CVE 2012-5643

Related bugs and status

Related bugs

References