Description

cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or incorrect comparison.

Remediation

References

CVE-2013-0189

Related Vulnerabilities

Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2641)

Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0096)

Play Framework Improper Input Validation Vulnerability (CVE-2015-2156)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4300)

Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-28333)

Severity

Medium

Classification

CVE-2013-0189 CWE-119

Tags

Missing Update Known Vulnerabilities