Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-0189

cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or incorrect comparison.

Related bugs and status

CVE-2013-0189 (Candidate) is related to these bugs:

Bug #730501: eCAP support

Summary				In	Importance	Status
	730501	eCAP support		squid3 (Ubuntu)	Wishlist	Fix Released

Bug #1117517: FTBFS on raring

Summary				In	Importance	Status
	1117517	FTBFS on raring		squid3 (Ubuntu)	High	Fix Released

Bug #1194310: cachemgr.cgi crashes after login

Summary				In	Importance	Status
	1194310	cachemgr.cgi crashes after login		squid3 (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.squid-cache...
MISC: http://www.squid-cache...
MISC: https://bugzilla.redha...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.debian.org/...
MISC: http://www.mandriva.co...
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....
MISC: http://www.ubuntu.com/...
MISC: http://lists.fedorapro...
MISC: http://bazaar.launchpa...
MISC: http://bazaar.launchpa...
MISC: https://bugzilla.redha...
MISC: https://wiki.mageia.or...
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....