What is CVE-2018-1000027?

CVE-2018-1000027 is a vulnerability in N/a. Published 2018-02-09.

Is CVE-2018-1000027 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-1000027

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients…

EPSS: 0.660 (98.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

USN-3557-1 (x_refsource_UBUNTU, vendor-advisory)
www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch (x_refsource_CONFIRM)
DSA-4122 (vendor-advisory, x_refsource_DEBIAN)
www.squid-cache.org/Advisories/SQUID-2018_2.txt (x_refsource_CONFIRM)
[debian-lts-announce] 20180202 [SECURITY] [DLA 1266-1] squid3 security update (mailing-list, x_refsource_MLIST)
github.com/squid-cache/squid/pull/129/files (x_refsource_CONFIRM)
www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch (x_refsource_CONFIRM)
[debian-lts-announce] 20180202 [SECURITY] [DLA 1267-1] squid security update (mailing-list, x_refsource_MLIST)
USN-4059-2 (x_refsource_UBUNTU, vendor-advisory)

Frequently asked questions

What is CVE-2018-1000027?: CVE-2018-1000027 is a vulnerability in N/a. Published 2018-02-09.
Is CVE-2018-1000027 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.