What is CVE-2014-7141?

CVE-2014-7141 is a vulnerability in Squid-cache Squid, classified under CWE-19. Published 2014-11-26.

Is CVE-2014-7141 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Squid-cache Squid

CVE-2014-7141

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

EPSS: 0.773 (99.0th percentile) — read the EPSS interpretation.

Affected products

Squid-cache Squid — versions 3.1.1, 3.1.2, 3.1.3
N/a — versions n/a

Weakness classification (CWE)

CWE-19

Public proof-of-concept exploits

c-skills/CVEs

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
SUSE-SU-2016:1996 (vendor-advisory, x_refsource_SUSE)
[oss-security] 20140916 Re: CVE-Request: squid pinger remote DoS (mailing-list, x_refsource_MLIST)
60242 (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM)
69688 (vdb-entry, x_refsource_BID)
[oss-security] 20140909 CVE-Request: squid pinger remote DoS (mailing-list, x_refsource_MLIST)
USN-2422-1 (x_refsource_UBUNTU, vendor-advisory, Patch, Vendor Advisory)
SUSE-SU-2016:2089 (vendor-advisory, x_refsource_SUSE)
[oss-security] 20140922 Re: CVE-Request: squid pinger remote DoS (mailing-list, x_refsource_MLIST)

Frequently asked questions

What is CVE-2014-7141?: CVE-2014-7141 is a vulnerability in Squid-cache Squid, classified under CWE-19. Published 2014-11-26.
Is CVE-2014-7141 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.