CVE-2010-3072

The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.

Affected Software

Name	Vendor	Start Version	End Version
Squid	Squid-cache	3.0 (including)	3.0 (including)
Squid	Squid-cache	3.0.stable1 (including)	3.0.stable1 (including)
Squid	Squid-cache	3.0.stable2 (including)	3.0.stable2 (including)
Squid	Squid-cache	3.0.stable3 (including)	3.0.stable3 (including)
Squid	Squid-cache	3.0.stable4 (including)	3.0.stable4 (including)
Squid	Squid-cache	3.0.stable5 (including)	3.0.stable5 (including)
Squid	Squid-cache	3.0.stable6 (including)	3.0.stable6 (including)
Squid	Squid-cache	3.0.stable7 (including)	3.0.stable7 (including)
Squid	Squid-cache	3.0.stable8 (including)	3.0.stable8 (including)
Squid	Squid-cache	3.0.stable9 (including)	3.0.stable9 (including)
Squid	Squid-cache	3.0.stable10 (including)	3.0.stable10 (including)
Squid	Squid-cache	3.0.stable11 (including)	3.0.stable11 (including)
Squid	Squid-cache	3.0.stable11-rc1 (including)	3.0.stable11-rc1 (including)
Squid	Squid-cache	3.0.stable12 (including)	3.0.stable12 (including)
Squid	Squid-cache	3.0.stable13 (including)	3.0.stable13 (including)
Squid	Squid-cache	3.0.stable14 (including)	3.0.stable14 (including)
Squid	Squid-cache	3.0.stable15 (including)	3.0.stable15 (including)
Squid	Squid-cache	3.0.stable16 (including)	3.0.stable16 (including)
Squid	Squid-cache	3.0.stable16-rc1 (including)	3.0.stable16-rc1 (including)
Squid	Squid-cache	3.0.stable17 (including)	3.0.stable17 (including)
Squid	Squid-cache	3.0.stable18 (including)	3.0.stable18 (including)
Squid	Squid-cache	3.0.stable19 (including)	3.0.stable19 (including)
Squid	Squid-cache	3.0.stable20 (including)	3.0.stable20 (including)
Squid	Squid-cache	3.0.stable21 (including)	3.0.stable21 (including)
Squid	Squid-cache	3.0.stable22 (including)	3.0.stable22 (including)
Squid	Squid-cache	3.0.stable23 (including)	3.0.stable23 (including)
Squid	Squid-cache	3.0.stable24 (including)	3.0.stable24 (including)
Squid	Squid-cache	3.0.stable25 (including)	3.0.stable25 (including)
Squid	Squid-cache	3.1 (including)	3.1 (including)
Squid	Squid-cache	3.1.0.1 (including)	3.1.0.1 (including)
Squid	Squid-cache	3.1.0.2 (including)	3.1.0.2 (including)
Squid	Squid-cache	3.1.0.3 (including)	3.1.0.3 (including)
Squid	Squid-cache	3.1.0.4 (including)	3.1.0.4 (including)
Squid	Squid-cache	3.1.0.5 (including)	3.1.0.5 (including)
Squid	Squid-cache	3.1.0.6 (including)	3.1.0.6 (including)
Squid	Squid-cache	3.1.0.7 (including)	3.1.0.7 (including)
Squid	Squid-cache	3.1.0.8 (including)	3.1.0.8 (including)
Squid	Squid-cache	3.1.0.9 (including)	3.1.0.9 (including)
Squid	Squid-cache	3.1.0.10 (including)	3.1.0.10 (including)
Squid	Squid-cache	3.1.0.11 (including)	3.1.0.11 (including)
Squid	Squid-cache	3.1.0.12 (including)	3.1.0.12 (including)
Squid	Squid-cache	3.1.0.13 (including)	3.1.0.13 (including)
Squid	Squid-cache	3.1.0.14 (including)	3.1.0.14 (including)
Squid	Squid-cache	3.1.0.15 (including)	3.1.0.15 (including)
Squid	Squid-cache	3.1.0.16 (including)	3.1.0.16 (including)
Squid	Squid-cache	3.1.0.17 (including)	3.1.0.17 (including)
Squid	Squid-cache	3.1.0.18 (including)	3.1.0.18 (including)
Squid	Squid-cache	3.1.1 (including)	3.1.1 (including)
Squid	Squid-cache	3.1.2 (including)	3.1.2 (including)
Squid	Squid-cache	3.1.3 (including)	3.1.3 (including)
Squid	Squid-cache	3.1.4 (including)	3.1.4 (including)
Squid	Squid-cache	3.1.5 (including)	3.1.5 (including)
Squid	Squid-cache	3.1.5.1 (including)	3.1.5.1 (including)
Squid	Squid-cache	3.1.6 (including)	3.1.6 (including)
Squid	Squid-cache	3.1.7 (including)	3.1.7 (including)
Red Hat Enterprise Linux 6	RedHat	squid-7:3.1.10-1.el6	*
Squid3	Ubuntu	hardy	*
Squid3	Ubuntu	jaunty	*
Squid3	Ubuntu	karmic	*
Squid3	Ubuntu	lucid	*
Squid3	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-3072
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References