CVE-2010-0308
Published 2010-02-03
Priority P425 medium 4 CVSS 2.0
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
22.86%
97.4th percentile
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
Affected
51 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 2.7.STABLE8-1 (bookworm) | squid 2.7.STABLE8-1 (bookworm) |
| squid-cache | squid | — | — |
CVSS provenance
nvd · v2.0 · 4.0 MEDIUM · AV:N/AC:L/Au:S/C:N/I:N/A:P
osv · 4.0 MEDIUM
vendor_ubuntu · 5.0 MEDIUM
vendor_debian · 4.0 MEDIUM
vendor_redhat · 4.0 MEDIUM
Ubuntu
Squid vulnerabilities
vendor_ubuntu·2010-02-16·CVSS 5.0
CVE-2009-2855 [MEDIUM] Squid vulnerabilities
Title: Squid vulnerabilities
Summary: Squid vulnerabilities
It was discovered that Squid incorrectly handled certain auth headers. A
remote attacker could exploit this with a specially-crafted auth header
and cause Squid to go into an infinite loop, resulting in a denial of
service. This issue only affected Ubuntu 8.10, 9.04 and 9.10.
(CVE-2009-2855)
It was discovered that Squid incorrectly handled certain DNS packets. A
remote attacker could exploit this with a specially-crafted DNS packet
and cause Squid to crash, resulting in a denial of service. (CVE-2010-0308)
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Debian
CVE-2010-0308: squid - lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 a...
vendor_debian·2010·CVSS 4.0
CVE-2010-0308 [MEDIUM] CVE-2010-0308: squid - lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 a...
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
Scope: local
bookworm: resolved (fixed in 2.7.STABLE8-1)
bullseye: resolved (fixed in 2.7.STABLE8-1)
forky: resolved (fixed in 2.7.STABLE8-1)
sid: resolved (fixed in 2.7.STABLE8-1)
trixie: resolved (fixed in 2.7.STABLE8-1)
Red Hat
squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)
vendor_redhat·2009-12-27·CVSS 4.0
CVE-2010-0308 [MEDIUM] squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
Package: squid (Red Hat Enterprise Linux 4) - Will not fix
VulDB
Squid Proxy up to 3.1.0.4 lib/rfc1035.c input validation (Nessus ID 44402 / ID 165236)
vuldb·2026-04-30·CVSS 4.0
CVE-2010-0308 [MEDIUM] Squid Proxy up to 3.1.0.4 lib/rfc1035.c input validation (Nessus ID 44402 / ID 165236)
A vulnerability marked as problematic has been reported in Squid Proxy up to 3.1.0.4. Impacted is an unknown function in the library lib/rfc1035.c. This manipulation causes improper input validation.
This vulnerability is tracked as CVE-2010-0308. The attack is possible to be carried out remotely. No exploit exists.
GHSA
GHSA-wg6g-7g6h-p73r: lib/rfc1035
ghsa_unreviewed·2022-05-02
CVE-2010-0308 [MEDIUM] CWE-20 GHSA-wg6g-7g6h-p73r: lib/rfc1035
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
OSV
CVE-2010-0308: lib/rfc1035
osv·2010-02-03·CVSS 4.0
CVE-2010-0308 [MEDIUM] CVE-2010-0308: lib/rfc1035
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header.
No detection rules found.
Bugzilla
CVE-2010-0308 squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1) [Fedora all]
bugzilla·2010-02-04·CVSS 4.0
CVE-2010-0308 [MEDIUM] CVE-2010-0308 squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1) [Fedora all]
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions.
For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in "Blocks" field.
bug #556389:
CVE-2010-0308 squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)
When creating a Bodhi update request, please include the bug IDs of the respective parent bugs filed against the "Security Response" product. Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/upda
Bugzilla
CVE-2010-0308 squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)
bugzilla·2010-01-18·CVSS 4.0
CVE-2010-0308 [MEDIUM] CVE-2010-0308 squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)
Fabian Yamaguchi reported at 26C3 a flaw in squid's DNS client code that can lead to a temporary denial of service condition. A truncated ("header-only") DNS reply packet can cause the squid child process to exit due to an assertion failure in rfc1035NameUnpack (lib/rfc1035.c):
http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html
(see slide 70)
The parent squid process will spawn a new child process, so such an abort will only result in temporary service unavailability.
Upstream patches, which should be included in the next releases:
http://west.squid-cache.org/Versions/v3/HEAD/changesets/squid-3-10235.patch
http://west.squid-cache.org/Versions/v2/HEAD/changesets/12597.patch
Discu
http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf
http://osvdb.org/62044
http://secunia.com/advisories/38451
http://secunia.com/advisories/38455
http://www.securityfocus.com/bid/37522
http://www.securitytracker.com/id?1023520
http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
http://www.squid-cache.org/Versions/v2/HEAD/changesets/12597.patch
http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9163.patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-9853.patch
http://www.vupen.com/english/advisories/2010/0260
https://exchange.xforce.ibmcloud.com/vulnerabilities/56001
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11270