Executive Summary

Informations
Name CVE-2010-2951 First vendor Publication 2010-10-12
Vendor Cve Last vendor Modification 2010-10-13

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2951

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

OpenVAS Exploits

Date Description
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-24 (Squid)
File : nvt/glsa_201110_24.nasl
2010-09-02 Name : Squid 'DNS' Reply Remote Buffer Overflow Vulnerability
File : nvt/gb_squid_42645.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
67618 Squid IPv4-only DNS Resolver Long DNS Reply Handling Remote DoS

Nessus® Vulnerability Scanner

Date Description
2011-10-27 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-24.nasl - Type : ACT_GATHER_INFO
2010-08-25 Name : The remote proxy server is affected by a denial of service vulnerability.
File : squid_3_1_7.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
CONFIRM http://bazaar.launchpad.net/~squid/squid/3.1/revision/10072
http://bugs.gentoo.org/show_bug.cgi?id=334263
http://bugs.squid-cache.org/show_bug.cgi?id=3009
http://bugs.squid-cache.org/show_bug.cgi?id=3021
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10072.patch
https://bugzilla.redhat.com/show_bug.cgi?id=626927
MLIST http://marc.info/?l=squid-users&m=128263555724981&w=2
http://www.openwall.com/lists/oss-security/2010/08/24/6
http://www.openwall.com/lists/oss-security/2010/08/24/7
http://www.openwall.com/lists/oss-security/2010/08/25/2
http://www.openwall.com/lists/oss-security/2010/08/25/6

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2021-05-04 12:11:52
  • Multiple Updates
2021-04-22 01:12:29
  • Multiple Updates
2020-05-23 00:26:14
  • Multiple Updates
2016-04-26 20:00:34
  • Multiple Updates
2014-02-17 10:56:49
  • Multiple Updates
2013-05-10 23:30:13
  • Multiple Updates