Unrated severityNVD Advisory· Published Jul 26, 2002· Updated Apr 16, 2026

CVE-2002-0713

Description

Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated.

Affected products

Squid (software)/Squid
cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*
Range: <=2.4.stable6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rhn.redhat.com/errata/RHSA-2002-130.htmlnvdPatchVendor Advisory
www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.phpnvdPatch
www.squid-cache.org/Advisories/SQUID-2002_3.txtnvdPatchVendor Advisory
www.squid-cache.org/Versions/v2/2.4/bugs/nvdPatch
ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-046.0.txtnvd
marc.infonvd
rhn.redhat.com/errata/RHSA-2002-051.htmlnvd
www.iss.net/security_center/static/9480.phpnvd
www.iss.net/security_center/static/9481.phpnvd
www.iss.net/security_center/static/9482.phpnvd
www.securityfocus.com/bid/5155nvd
www.securityfocus.com/bid/5156nvd
www.securityfocus.com/bid/5157nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000