Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2020-04-07 Squid -- multiple vulnerabilities
2019-11-19 squid -- Vulnerable to HTTP Digest Authentication
2018-02-23 squid -- Vulnerable to Denial of Service attack
2016-12-23 squid -- multiple vulnerabilities
2016-05-07 squid -- multiple vulnerabilities
2016-04-21 squid -- multiple vulnerabilities
2016-04-02 squid -- multiple vulnerabilities
2016-02-24 squid -- remote DoS in HTTP response processing
2016-02-18 squid -- SSL/TLS processing remote DoS
2015-09-18 squid -- TLS/SSL parser denial of service vulnerability
2015-07-06 squid -- client-first SSL-bump does not correctly validate X509 server certificate
squid -- Improper Protection of Alternate Path with CONNECT requests
2014-09-18 squid -- Buffer overflow in SNMP processing
2013-07-15 squid -- denial of service
2012-12-28 squid -- denial of service
2010-09-24 squid -- Denial of service vulnerability in request handling
2010-02-14 squid -- Denial of Service vulnerability in HTCP
2010-02-01 squid -- Denial of Service vulnerability in DNS handling
2009-07-27 squid -- several remote denial of service vulnerabilities
2009-02-09 squid -- remote denial of service vulnerability
2007-12-04 Squid -- Denial of Service Vulnerability
2007-03-21 Squid -- TRACE method handling denial of service
2005-11-01 squid -- FTP server response handling denial of service
2005-09-15 squid -- possible denial of service condition regarding NTLM authentication
2005-09-04 squid -- Denial Of Service Vulnerability in sslConnectTimeout
squid -- Possible Denial Of Service Vulnerability in store.c
2005-06-03 squid -- denial-of-service vulnerabilities
2005-05-19 squid -- DNS lookup spoofing vulnerability
squid -- possible abuse of cachemgr.cgi
2005-04-10 squid -- DoS on failed PUT/POST requests vulnerability
2005-02-08 squid -- correct handling of oversized HTTP reply headers
2005-01-28 squid -- buffer overflow in WCCP recvfrom() call
2005-01-24 squid -- possible cache-poisoning via malformed HTTP responses
2005-01-22 squid -- HTTP response splitting cache pollution attack
2005-01-19 squid -- no sanity check of usernames in squid_ldap_auth
2005-01-12 squid -- buffer overflow vulnerability in gopherToHTML
squid -- denial of service with forged WCCP messages
2004-12-23 squid -- confusing results on empty acl declarations
2004-12-09 squid -- possible information disclosure
2004-10-18 squid -- NTLM authentication denial-of-service vulnerability
2004-10-12 squid -- SNMP module denial-of-service vulnerability
2004-06-09 Buffer overflow in Squid NTLM authentication helper
2004-03-26 squid ACL bypass due to URL decoding bug