Unrated severityNVD Advisory· Published Mar 26, 2002· Updated Apr 16, 2026

CVE-2002-0163

Description

Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.

Affected products

Squid (software)/Squid
cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*
Range: <=2.4_9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-017.1.txtnvd
ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:19.squid.ascnvd
marc.infonvd
rhn.redhat.com/errata/RHSA-2002-051.htmlnvd
www.iss.net/security_center/static/8628.phpnvd
www.linux-mandrake.com/en/security/2002/MDKSA-2002-027.phpnvd
www.securityfocus.com/bid/4363nvd
www.squid-cache.org/Advisories/SQUID-2002_2.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000