Unrated severityNVD Advisory· Published Dec 20, 2012· Updated Apr 29, 2026
CVE-2012-5643
CVE-2012-5643
Description
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials.
Affected products
102cpe:2.3:a:squid-cache:squid:2.0:*:*:*:*:*:*:*+ 101 more
- cpe:2.3:a:squid-cache:squid:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.7:stable3:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:2.7:stable4:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:-:pre1:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:-:pre2:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:-:pre3:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:-:pre4:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:-:pre5:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:-:pre6:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:-:pre7:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable11:rc1:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable13:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable14:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable15:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable16:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable16:rc1:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable17:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable18:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable19:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable20:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable21:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable22:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable23:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable24:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable25:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.0.stable9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
20- www.squid-cache.org/Advisories/SQUID-2012_1.txtnvdPatchVendor Advisory
- www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10479.patchnvdPatch
- www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11714.patchnvdPatch
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-01/msg00052.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-01/msg00075.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-09/msg00025.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-09/msg00032.htmlnvd
- openwall.com/lists/oss-security/2012/12/17/4nvd
- rhn.redhat.com/errata/RHSA-2013-0505.htmlnvd
- secunia.com/advisories/52024nvd
- secunia.com/advisories/54839nvd
- ubuntu.com/usn/usn-1713-1nvd
- www.debian.org/security/2013/dsa-2631nvd
- www.mandriva.com/security/advisoriesnvd
- www.securitytracker.com/idnvd
- bugs.gentoo.org/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368nvd
News mentions
0No linked articles in our index yet.