Unrated severityNVD Advisory· Published Nov 26, 2014· Updated May 6, 2026

CVE-2014-7142

Description

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

Affected products

Squid Cache/Squid80 versions
cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*+ 79 more
- cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:3.4.7:*:*:*:*:*:*:*
Canonical/Ubuntu Linux2 versions
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
Oracle Corporation/Solaris
cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/oss-sec/2014/q3/539nvdThird Party Advisory
seclists.org/oss-sec/2014/q3/613nvdThird Party Advisory
seclists.org/oss-sec/2014/q3/626nvdThird Party Advisory
secunia.com/advisories/60242nvdPermissions RequiredThird Party Advisory
ubuntu.com/usn/usn-2422-1nvdVendor Advisory
www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.htmlnvdThird Party Advisory
www.squid-cache.org/Advisories/SQUID-2014_4.txtnvdVendor Advisory
bugzilla.novell.com/show_bug.cginvdIssue TrackingThird Party AdvisoryVDB Entry
lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.htmlnvd
lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.htmlnvd
www.securityfocus.com/bid/70022nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.051
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000