Vulnerability Description
squid_redirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service (CPU consumption) via a URL with a large number of trailing / (forward slashes), which might produce inefficient regular expressions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cameron Simpson | Adzapper | 2006-01-01 |
References
- http://adzapper.sourceforge.net/cvslog.html
- http://bugs.debian.org/cgi-bin/bugreport.cgi/squid_redirect.diff?bug=350308%3Bms
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350308
- http://secunia.com/advisories/18771PatchVendor Advisory
- http://secunia.com/advisories/18777PatchVendor Advisory
- http://www.debian.org/security/2006/dsa-966PatchVendor Advisory
- http://www.osvdb.org/22900
- http://www.securityfocus.com/bid/16558
- http://www.vupen.com/english/advisories/2006/0491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24640
- http://adzapper.sourceforge.net/cvslog.html
- http://bugs.debian.org/cgi-bin/bugreport.cgi/squid_redirect.diff?bug=350308%3Bms
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350308
- http://secunia.com/advisories/18771PatchVendor Advisory
- http://secunia.com/advisories/18777PatchVendor Advisory
FAQ
What is CVE-2006-0046?
CVE-2006-0046 is a vulnerability with a CVSS score of 7.8 (HIGH). squid_redirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service (CPU consumption) via a URL with a large number of trailing / (forward slashes), which might pr...
How severe is CVE-2006-0046?
CVE-2006-0046 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0046?
Check the references section above for vendor advisories and patch information. Affected products include: Cameron Simpson Adzapper.