NVD

Id
14382  
Name
CVE-2010-2951  
Description
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-18  
Published
2010-10-12  
Modified Date
2010-10-13  
Seq
2010-2951  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
79617 14382 CVE-2010-2951 http://bazaar.launchpad.net/~squid/squid/3.1/revision/10072  View
79618 14382 CVE-2010-2951 http://bugs.gentoo.org/show_bug.cgi?id=334263  View
79619 14382 CVE-2010-2951 http://bugs.squid-cache.org/show_bug.cgi?id=3009  View
79620 14382 CVE-2010-2951 http://bugs.squid-cache.org/show_bug.cgi?id=3021  View
79621 14382 CVE-2010-2951 [squid-users] 20100824 Squid 3.1.7 is available  View
79622 14382 CVE-2010-2951 [oss-security] 20100824 CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present  View
79623 14382 CVE-2010-2951 [oss-security] 20100825 Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present  View
79624 14382 CVE-2010-2951 [oss-security] 20100825 Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present  View
79625 14382 CVE-2010-2951 [oss-security] 20100825 Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present  View
79626 14382 CVE-2010-2951 http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10072.patch  View
79627 14382 CVE-2010-2951 https://bugzilla.redhat.com/show_bug.cgi?id=626927  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37202 JVNDB-2010-002987 Squid の dns_internal.cc におけるサービス運用妨害 (DoS) の脆弱性 Squid の dns_internal.cc は、IPv6 DNS 解決が有効でない際、IPv4 TCP DNS クエリ実行中に無効なソケットにアクセスするため、サービス運用妨害 (アサーション失敗およびデーモン終了) 状態となる脆弱性が存在します。 CVE-2010-2951 45531 CVE-2010-2951 14382 5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002987.html 2010-10-12 2012-03-27 View