Unrated severityNVD Advisory· Published Mar 8, 2002· Updated Apr 16, 2026
CVE-2002-0068
CVE-2002-0068
Description
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
Affected products
11cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*+ 9 more
- cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- www.redhat.com/support/errata/RHSA-2002-029.htmlnvdPatchVendor Advisory
- www.squid-cache.org/Versions/v2/2.4/bugs/nvdExploit
- ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.ascnvd
- archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.htmlnvd
- distro.conectiva.com.br/atualizacoes/nvd
- marc.infonvd
- marc.infonvd
- marc.infonvd
- www.caldera.com/support/security/advisories/CSSA-2002-010.0.txtnvd
- www.iss.net/security_center/static/8258.phpnvd
- www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.phpnvd
- www.novell.com/linux/security/advisories/2002_008_squid_txt.htmlnvd
- www.osvdb.org/5378nvd
- www.securityfocus.com/bid/4148nvd
News mentions
0No linked articles in our index yet.