Unrated severityNVD Advisory· Published Sep 16, 2013· Updated Apr 29, 2026

CVE-2013-4123

Description

client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header.

Affected products

Squid Cache/Squid41 versions
cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*+ 40 more
- cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*
OpenSUSE/openSUSE
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11826.patchnvdPatch
secunia.com/advisories/54142nvdVendor Advisory
www.squid-cache.org/Advisories/SQUID-2013_3.txtnvdVendor Advisory
lists.opensuse.org/opensuse-updates/2013-09/msg00024.htmlnvd
secunia.com/advisories/54834nvd
www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12591.patchnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.055
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000