CVE-2007-0247 | Vulnerability Database | Aqua Security

squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.

Affected Software

Name	Vendor	Start Version	End Version
Squid	Squid	2.6.stable1 (including)	2.6.stable1 (including)
Squid	Squid	2.6.stable2 (including)	2.6.stable2 (including)
Squid	Squid	2.6.stable3 (including)	2.6.stable3 (including)
Squid	Squid	2.6.stable4 (including)	2.6.stable4 (including)
Squid	Squid	2.6.stable5 (including)	2.6.stable5 (including)
Squid	Squid	2.6.stable6 (including)	2.6.stable6 (including)
Squid	Ubuntu	dapper	*
Squid	Ubuntu	edgy	*
Squid	Ubuntu	feisty	*

References

http://fedoranews.org/cms/node/2442
http://osvdb.org/39839
http://secunia.com/advisories/23767
http://secunia.com/advisories/23805
http://secunia.com/advisories/23810
http://secunia.com/advisories/23837
http://secunia.com/advisories/23889
http://secunia.com/advisories/23921
http://secunia.com/advisories/23946
http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:026
http://www.novell.com/linux/security/advisories/2007_12_squid.html
http://www.securityfocus.com/bid/22079
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12
http://www.squid-cache.org/bugs/show_bug.cgi?id=1857
http://www.trustix.org/errata/2007/0003/
http://www.ubuntu.com/usn/usn-414-1
http://www.vupen.com/english/advisories/2007/0199
https://exchange.xforce.ibmcloud.com/vulnerabilities/31523
http://fedoranews.org/cms/node/2442
http://osvdb.org/39839
http://secunia.com/advisories/23767
http://secunia.com/advisories/23805
http://secunia.com/advisories/23810
http://secunia.com/advisories/23837
http://secunia.com/advisories/23889
http://secunia.com/advisories/23921
http://secunia.com/advisories/23946
http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:026
http://www.novell.com/linux/security/advisories/2007_12_squid.html
http://www.securityfocus.com/bid/22079
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12
http://www.squid-cache.org/bugs/show_bug.cgi?id=1857
http://www.trustix.org/errata/2007/0003/
http://www.ubuntu.com/usn/usn-414-1
http://www.vupen.com/english/advisories/2007/0199
https://exchange.xforce.ibmcloud.com/vulnerabilities/31523

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0247
CWE	https://cwe.mitre.org/data/definitions/399.html