CVE-2007-0247
published 2007-01-16


Priority: P4 29
CVSS 2.0: 5 (medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 19.09% (97.0th percentile)
squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.

Affected

11 ranges
Vendor | Product | Version range | Fixed in
debian | squid | < squid 2.6.5-4 (bookworm) | squid 2.6.5-4 (bookworm)
squid | squid | |
squid | squid | |
squid | squid | |
squid | squid | |
squid | squid | |
squid | squid | |
squid | squid | >= 0 < 2.6.5-4 | 2.6.5-4
squid | squid | >= 0 < 2.6.5-4 | 2.6.5-4
squid | squid | >= 0 < 2.6.5-4 | 2.6.5-4
squid | squid | >= 0 < 2.6.5-4 | 2.6.5-4

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P
osv | | 5.0 | MEDIUM |
vendor_debian | | 5.0 | LOW |
vendor_redhat | | 5.0 | MEDIUM |
vendor_ubuntu | | 5.0 | MEDIUM |