Important: squid

2014-09-17T21:47:00

Description

**Issue Overview:** A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609) A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115) **Affected Packages:** squid **Issue Correction:** Run _yum update squid_ to update your system. **New Packages:** i686: squid-debuginfo-3.1.10-22.16.amzn1.i686 squid-3.1.10-22.16.amzn1.i686 src: squid-3.1.10-22.16.amzn1.src x86_64: squid-3.1.10-22.16.amzn1.x86_64 squid-debuginfo-3.1.10-22.16.amzn1.x86_64

Affected Package

OS	OS Version	Package Name	Package Version
Amazon Linux	1	squid-debuginfo	3.1.10-22.16.amzn1
Amazon Linux	1	squid	3.1.10-22.16.amzn1
Amazon Linux	1	squid	3.1.10-22.16.amzn1
Amazon Linux	1	squid	3.1.10-22.16.amzn1
Amazon Linux	1	squid-debuginfo	3.1.10-22.16.amzn1

{"id": "ALAS-2014-411", "type": "amazon", "bulletinFamily": "unix", "title": "Important: squid", "description": "**Issue Overview:**\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115)\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 squid-debuginfo-3.1.10-22.16.amzn1.i686 \n \u00a0\u00a0\u00a0 squid-3.1.10-22.16.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 squid-3.1.10-22.16.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 squid-3.1.10-22.16.amzn1.x86_64 \n \u00a0\u00a0\u00a0 squid-debuginfo-3.1.10-22.16.amzn1.x86_64 \n \n \n", "published": "2014-09-17T21:47:00", "modified": "2014-09-19T12:09:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://alas.aws.amazon.com/ALAS-2014-411.html", "reporter": "Amazon", "references": ["https://rhn.redhat.com/errata/RHSA-2014-1148.html"], "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "immutableFields": [], "lastseen": "2021-07-25T19:31:04", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2014-433"]}, {"type": "centos", "idList": ["CESA-2014:1147", "CESA-2014:1148"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-2756", "CPAI-2014-1840"]}, {"type": "cve", "idList": ["CVE-2013-4115", "CVE-2014-3609"]}, {"type": "debian", "idList": ["DEBIAN:DLA-216-1:70870", "DEBIAN:DLA-45-1:42C71", "DEBIAN:DLA-45-1:B7B7E", "DEBIAN:DSA-3014-1:2BB46", "DEBIAN:DSA-3014-1:C61DA", "DEBIAN:DSA-3139-1:2B6AE", "DEBIAN:DSA-3139-1:F9DCD"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-4115", "DEBIANCVE:CVE-2014-3609"]}, {"type": "fedora", "idList": ["FEDORA:0644E2213A", "FEDORA:0766960D3113", "FEDORA:1BB6C60DB22E", "FEDORA:2D85421A4C", "FEDORA:62EE4224E6", "FEDORA:A6B722376D", "FEDORA:B946B22D78", "FEDORA:D898822AC0"]}, {"type": "gentoo", "idList": ["GLSA-201309-22"]}, {"type": "mageia", "idList": ["MGASA-2013-0227", "MGASA-2013-0228", "MGASA-2014-0369"]}, {"type": "nessus", "idList": ["6931.PRM", "8384.PRM", "ALA_ALAS-2014-411.NASL", "ALA_ALAS-2014-433.NASL", "CENTOS_RHSA-2014-1147.NASL", "CENTOS_RHSA-2014-1148.NASL", "DEBIAN_DLA-216.NASL", "DEBIAN_DLA-45.NASL", "DEBIAN_DSA-3014.NASL", "DEBIAN_DSA-3139.NASL", "FEDORA_2013-13468.NASL", "FEDORA_2013-13493.NASL", "FEDORA_2014-9882.NASL", "FEDORA_2014-9948.NASL", "FEDORA_2014-9963.NASL", "GENTOO_GLSA-201309-22.NASL", "MANDRIVA_MDVSA-2013-199.NASL", "MANDRIVA_MDVSA-2014-177.NASL", "MANDRIVA_MDVSA-2015-103.NASL", "OPENSUSE-2013-698.NASL", "OPENSUSE-2013-699.NASL", "OPENSUSE-2013-700.NASL", "OPENSUSE-2014-548.NASL", "ORACLELINUX_ELSA-2014-1147.NASL", "ORACLELINUX_ELSA-2014-1148.NASL", "REDHAT-RHSA-2014-1147.NASL", "REDHAT-RHSA-2014-1148.NASL", "SL_20140903_SQUID_ON_SL5_X.NASL", "SQUID_3_2_12.NASL", "SQUID_3_4_7.NASL", "SUSE_11_SQUID-130909.NASL", "SUSE_11_SQUID3-140912.NASL", "SUSE_SU-2016-1996-1.NASL", "SUSE_SU-2016-2089-1.NASL", "UBUNTU_USN-2327-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120080", "OPENVAS:1361412562310120342", "OPENVAS:1361412562310121036", "OPENVAS:1361412562310123322", "OPENVAS:1361412562310123323", "OPENVAS:1361412562310703014", "OPENVAS:1361412562310703139", "OPENVAS:1361412562310806106", "OPENVAS:1361412562310841945", "OPENVAS:1361412562310850753", "OPENVAS:1361412562310866446", "OPENVAS:1361412562310866539", "OPENVAS:1361412562310867694", "OPENVAS:1361412562310868166", "OPENVAS:1361412562310868180", "OPENVAS:1361412562310868397", "OPENVAS:1361412562310868398", "OPENVAS:1361412562310871232", "OPENVAS:1361412562310871235", "OPENVAS:1361412562310881993", "OPENVAS:1361412562310881996", "OPENVAS:1361412562310882006", "OPENVAS:703014", "OPENVAS:703139", "OPENVAS:866446", "OPENVAS:866539", "OPENVAS:867694"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1147", "ELSA-2014-1148"]}, {"type": "osv", "idList": ["OSV:DLA-216-1", "OSV:DLA-45-1", "OSV:DSA-3014-1", "OSV:DSA-3139-1"]}, {"type": "redhat", "idList": ["RHSA-2014:1147", "RHSA-2014:1148"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29651", "SECURITYVULNS:DOC:31068", "SECURITYVULNS:VULN:13190", "SECURITYVULNS:VULN:13948"]}, {"type": "suse", "idList": ["SUSE-SU-2014:1140-1", "SUSE-SU-2016:1996-1", "SUSE-SU-2016:2089-1"]}, {"type": "ubuntu", "idList": ["USN-2327-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-4115", "UB:CVE-2014-3609"]}]}, "score": {"value": 0.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2014-433"]}, {"type": "centos", "idList": ["CESA-2014:1147", "CESA-2014:1148"]}, {"type": "cve", "idList": ["CVE-2013-4115"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3014-1:2BB46"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-4115"]}, {"type": "fedora", "idList": ["FEDORA:0766960D3113"]}, {"type": "gentoo", "idList": ["GLSA-201309-22"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2014-1148/"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-3014.NASL", "MANDRIVA_MDVSA-2013-199.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310868398"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1147"]}, {"type": "redhat", "idList": ["RHSA-2014:1148"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29651"]}, {"type": "suse", "idList": ["SUSE-SU-2014:1140-1"]}, {"type": "ubuntu", "idList": ["USN-2327-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-4115"]}]}, "exploitation": null, "vulnersScore": 0.9}, "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "1", "packageFilename": "squid-debuginfo-3.1.10-22.16.amzn1.i686.rpm", "arch": "i686", "packageVersion": "3.1.10-22.16.amzn1", "operator": "lt", "packageName": "squid-debuginfo"}, {"OS": "Amazon Linux", "OSVersion": "1", "packageFilename": "squid-3.1.10-22.16.amzn1.i686.rpm", "arch": "i686", "packageVersion": "3.1.10-22.16.amzn1", "operator": "lt", "packageName": "squid"}, {"OS": "Amazon Linux", "OSVersion": "1", "packageFilename": "squid-3.1.10-22.16.amzn1.src.rpm", "arch": "src", "packageVersion": "3.1.10-22.16.amzn1", "operator": "lt", "packageName": "squid"}, {"OS": "Amazon Linux", "OSVersion": "1", "packageFilename": "squid-3.1.10-22.16.amzn1.x86_64.rpm", "arch": "x86_64", "packageVersion": "3.1.10-22.16.amzn1", "operator": "lt", "packageName": "squid"}, {"OS": "Amazon Linux", "OSVersion": "1", "packageFilename": "squid-debuginfo-3.1.10-22.16.amzn1.x86_64.rpm", "arch": "x86_64", "packageVersion": "3.1.10-22.16.amzn1", "operator": "lt", "packageName": "squid-debuginfo"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "edition": 2, "scheme": null, "_state": {"dependencies": 1659998956, "score": 1659980168}, "_internal": {"score_hash": "3bbc3725ed38563bf52cc9cfef67bade"}}

{"nessus": [{"lastseen": "2021-08-19T12:48:41", "description": "An updated squid package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the CVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to this updated package, which contains backported patches to correct these issues. After installing this update, the squid service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-04T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 : squid (CESA-2014:1148)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squid", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2014-1148.NASL", "href": "https://www.tenable.com/plugins/nessus/77509", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1148 and \n# CentOS Errata and Security Advisory 2014:1148 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77509);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_bugtraq_id(61111, 69453);\n script_xref(name:\"RHSA\", value:\"2014:1148\");\n\n script_name(english:\"CentOS 5 / 6 : squid (CESA-2014:1148)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squid package that fixes two security issues is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A\nremote attacker able to send HTTP requests to the Squid proxy could\nuse this flaw to crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the\noriginal reporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing\nthis update, the squid service will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-September/020534.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?098b19d1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-September/020537.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7b2d3f3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-4115\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"squid-2.6.STABLE21-7.el5_10\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"squid-3.1.10-22.el6_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:01", "description": "An updated squid package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the CVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to this updated package, which contains backported patches to correct these issues. After installing this update, the squid service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-04T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : squid (RHSA-2014:1148)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid", "p-cpe:/a:redhat:enterprise_linux:squid-debuginfo", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.5"], "id": "REDHAT-RHSA-2014-1148.NASL", "href": "https://www.tenable.com/plugins/nessus/77523", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1148. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77523);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_bugtraq_id(61111, 69453);\n script_xref(name:\"RHSA\", value:\"2014:1148\");\n\n script_name(english:\"RHEL 5 / 6 : squid (RHSA-2014:1148)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squid package that fixes two security issues is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A\nremote attacker able to send HTTP requests to the Squid proxy could\nuse this flaw to crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the\noriginal reporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing\nthis update, the squid service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-4115\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1148\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"squid-2.6.STABLE21-7.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"squid-2.6.STABLE21-7.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"squid-2.6.STABLE21-7.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"squid-debuginfo-2.6.STABLE21-7.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"squid-debuginfo-2.6.STABLE21-7.el5_10\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"squid-debuginfo-2.6.STABLE21-7.el5_10\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"squid-3.1.10-22.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"squid-3.1.10-22.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"squid-3.1.10-22.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"squid-debuginfo-3.1.10-22.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"squid-debuginfo-3.1.10-22.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.1.10-22.el6_5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:29", "description": "From Red Hat Security Advisory 2014:1148 :\n\nAn updated squid package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the CVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to this updated package, which contains backported patches to correct these issues. After installing this update, the squid service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-04T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : squid (ELSA-2014-1148)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squid", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2014-1148.NASL", "href": "https://www.tenable.com/plugins/nessus/77517", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1148 and \n# Oracle Linux Security Advisory ELSA-2014-1148 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77517);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_bugtraq_id(61111, 69453);\n script_xref(name:\"RHSA\", value:\"2014:1148\");\n\n script_name(english:\"Oracle Linux 5 / 6 : squid (ELSA-2014-1148)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1148 :\n\nAn updated squid package that fixes two security issues is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A\nremote attacker able to send HTTP requests to the Squid proxy could\nuse this flaw to crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the\noriginal reporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing\nthis update, the squid service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004402.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004405.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"squid-2.6.STABLE21-7.el5_10\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"squid-3.1.10-22.el6_5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T01:49:21", "description": "A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115)", "cvss3": {"score": null, "vector": null}, "published": "2014-10-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : squid (ALAS-2014-411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:squid", "p-cpe:/a:amazon:linux:squid-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-411.NASL", "href": "https://www.tenable.com/plugins/nessus/78354", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-411.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78354);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_xref(name:\"ALAS\", value:\"2014-411\");\n script_xref(name:\"RHSA\", value:\"2014:1148\");\n\n script_name(english:\"Amazon Linux AMI : squid (ALAS-2014-411)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A\nremote attacker able to send HTTP requests to the Squid proxy could\nuse this flaw to crash Squid. (CVE-2013-4115)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-411.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update squid' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"squid-3.1.10-22.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"squid-debuginfo-3.1.10-22.16.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:37", "description": "A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115)\n\nAfter installing this update, the squid service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-05T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squid on SL5.x, SL6.x i386/x86_64 (20140903)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squid", "p-cpe:/a:fermilab:scientific_linux:squid-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20140903_SQUID_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/77553", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77553);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n\n script_name(english:\"Scientific Linux Security Update : squid on SL5.x, SL6.x i386/x86_64 (20140903)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A\nremote attacker able to send HTTP requests to the Squid proxy could\nuse this flaw to crash Squid. (CVE-2013-4115)\n\nAfter installing this update, the squid service will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1409&L=scientific-linux-errata&T=0&P=192\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?923e6761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"squid-2.6.STABLE21-7.el5_10\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"squid-debuginfo-2.6.STABLE21-7.el5_10\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"squid-3.1.10-22.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"squid-debuginfo-3.1.10-22.el6_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T01:48:52", "description": "A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115)\n\nSquid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. (CVE-2014-0128)", "cvss3": {"score": null, "vector": null}, "published": "2014-10-24T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : squid (ALAS-2014-433)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-0128", "CVE-2014-3609"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:squid", "p-cpe:/a:amazon:linux:squid-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-433.NASL", "href": "https://www.tenable.com/plugins/nessus/78658", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-433.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78658);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-0128\", \"CVE-2014-3609\");\n script_xref(name:\"ALAS\", value:\"2014-433\");\n script_xref(name:\"RHSA\", value:\"2014:0597\");\n script_xref(name:\"RHSA\", value:\"2014:1148\");\n\n script_name(english:\"Amazon Linux AMI : squid (ALAS-2014-433)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A\nremote attacker able to send HTTP requests to the Squid proxy could\nuse this flaw to crash Squid. (CVE-2013-4115)\n\nSquid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is\nenabled, allows remote attackers to cause a denial of service\n(assertion failure) via a crafted range request, related to state\nmanagement. (CVE-2014-0128)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-433.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update squid' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"squid-3.1.10-29.17.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"squid-debuginfo-3.1.10-29.17.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:27", "description": "Squid version prior to 3.x to 3.2.12 or 3.3.x prior to 3.3.7 are potentially affected by a denial of service vulnerability. A buffer overflow exists in the 'idnsALookup' function in the file 'dns_internal.cc' that could allow specially crafted HTTP requests that could result in a denial of service", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "published": "2013-07-19T00:00:00", "type": "nessus", "title": "Squid 3.x < 3.2.12 / 3.3.x < 3.3.7 idnsALookup HTTP Request DoS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*"], "id": "6931.PRM", "href": "https://www.tenable.com/plugins/nnm/6931", "sourceData": "Binary data 6931.prm", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:52:51", "description": "This squid update fixes a buffer overflow issue when squid attempts to resolve an overly long hostname. This can be triggered with specially crafted http requests. (bnc#829084, CVE-2013-4115)\n\nThis update also includes a correction to the last change for logrotate. (bnc#677335)", "cvss3": {"score": null, "vector": null}, "published": "2013-09-20T00:00:00", "type": "nessus", "title": "SuSE 11.2 / 11.3 Security Update : squid (SAT Patch Numbers 8309 / 8310)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:squid", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_SQUID-130909.NASL", "href": "https://www.tenable.com/plugins/nessus/70021", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70021);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4115\");\n\n script_name(english:\"SuSE 11.2 / 11.3 Security Update : squid (SAT Patch Numbers 8309 / 8310)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update fixes a buffer overflow issue when squid attempts to\nresolve an overly long hostname. This can be triggered with specially\ncrafted http requests. (bnc#829084, CVE-2013-4115)\n\nThis update also includes a correction to the last change for\nlogrotate. (bnc#677335)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4115.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8309 / 8310 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"squid-2.7.STABLE5-2.12.16.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"squid-2.7.STABLE5-2.12.16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:00", "description": "This squid3 update includes several security fixes and minor changes.\n\n - squid-3.1.x-bnc829084-CVE-2013-4115-BO_request_handling.\n diff Squid advisory SQUID-2013_2, CVE-2013-4115, [bnc#829084] Specially crafted http requests can trigger a buffer overflow when squid attempts to resolve an overly long hostname.\n\n - run logrotate as squid:nogroup [bnc#677335]", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : squid3 (openSUSE-SU-2013:1441-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid3", "p-cpe:/a:novell:opensuse:squid3-debuginfo", "p-cpe:/a:novell:opensuse:squid3-debugsource", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-700.NASL", "href": "https://www.tenable.com/plugins/nessus/75142", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-700.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75142);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4115\");\n\n script_name(english:\"openSUSE Security Update : squid3 (openSUSE-SU-2013:1441-1)\");\n script_summary(english:\"Check for the openSUSE-2013-700 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid3 update includes several security fixes and minor changes.\n\n -\n squid-3.1.x-bnc829084-CVE-2013-4115-BO_request_handling.\n diff Squid advisory SQUID-2013_2, CVE-2013-4115,\n [bnc#829084] Specially crafted http requests can trigger\n a buffer overflow when squid attempts to resolve an\n overly long hostname.\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-09/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid3-3.1.23-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid3-debuginfo-3.1.23-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid3-debugsource-3.1.23-2.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3 / squid3-debuginfo / squid3-debugsource\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:10", "description": "Multiple vulnerabilities has been discovered and corrected in squid :\n\nDue to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid service (CVE-2013-4115).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-26T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : squid (MDVSA-2013:199)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:squid", "p-cpe:/a:mandriva:linux:squid-cachemgr", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-199.NASL", "href": "https://www.tenable.com/plugins/nessus/69067", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:199. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69067);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-4115\");\n script_bugtraq_id(61111);\n script_xref(name:\"MDVSA\", value:\"2013:199\");\n\n script_name(english:\"Mandriva Linux Security Advisory : squid (MDVSA-2013:199)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in squid :\n\nDue to incorrect data validation Squid is vulnerable to a buffer\noverflow attack when processing specially crafted HTTP requests. This\nproblem allows any trusted client or client script who can generate\nHTTP requests to trigger a buffer overflow in Squid, resulting in a\ntermination of the Squid service (CVE-2013-4115).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2013-0227.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2013_2.txt\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-cachemgr packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid-cachemgr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"squid-3.1.19-5.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"squid-cachemgr-3.1.19-5.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:35", "description": "According to its banner, the version of Squid running on the remote host is 3.x prior to 3.2.12 or 3.3.x prior to 3.3.7 and is, therefore, affected by a denial of service vulnerability. A buffer overflow exists in the 'idnsALookup' function in the file 'dns_internal.cc' that could allow specially crafted HTTP requests that could result in a denial of service.\n\nNote that Nessus has relied only on the version in the proxy server's banner, which is not updated by the patch that the project has released to address this issue. If this patch has been applied properly and the service has been restarted, consider this to be a false positive.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-24T00:00:00", "type": "nessus", "title": "Squid 3.x < 3.2.12 / 3.3.x < 3.3.7 idnsALookup HTTP Request DoS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115"], "modified": "2019-11-27T00:00:00", "cpe": ["cpe:/a:squid-cache:squid"], "id": "SQUID_3_2_12.NASL", "href": "https://www.tenable.com/plugins/nessus/69041", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69041);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\"CVE-2013-4115\");\n script_bugtraq_id(61111);\n\n script_name(english:\"Squid 3.x < 3.2.12 / 3.3.x < 3.3.7 idnsALookup HTTP Request DoS\");\n script_summary(english:\"Checks version of Squid\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.2.12 or 3.3.x prior to 3.3.7 and is, therefore,\naffected by a denial of service vulnerability. A buffer overflow exists\nin the 'idnsALookup' function in the file 'dns_internal.cc' that could\nallow specially crafted HTTP requests that could result in a denial of\nservice.\n\nNote that Nessus has relied only on the version in the proxy server's\nbanner, which is not updated by the patch that the project has released\nto address this issue. If this patch has been applied properly and the\nservice has been restarted, consider this to be a false positive.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2013_2.txt\");\n # http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9200.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7d4a3221\");\n # http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10487.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?01ebdd34\");\n # http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11823.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?04f9aba0\");\n # http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12587.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?89d9d13f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Either upgrade to Squid version 3.2.12 / 3.3.7 or later, or apply the\nvendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/24\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"www/squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Build a list of ports from the\nlist = get_kb_list(\"http_proxy/*/squid/version\");\nif (isnull(list)) audit(AUDIT_NOT_INST, \"Squid\");\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvulnerable = FALSE;\nnot_vuln_list = make_list();\n\nforeach item (keys(list))\n{\n port = ereg_replace(pattern:'^http_proxy/([0-9]+)/squid/version', replace:'\\\\1', string:item);\n version = list[item];\n # Affected:\n\n # Squid 3.x < 3.2.12\n # Squid 3.3.x < 3.3.7\n if (\n version =~ \"^3\\.[0-1]([^0-9]|$)\" ||\n version =~ \"^3\\.2\\.([0-9]|1[0-1])([^0-9]|$)\" ||\n version =~ \"^3\\.3\\.[0-6]([^0-9]|$)\"\n )\n {\n vulnerable = TRUE;\n if (report_verbosity > 0)\n {\n source = get_kb_item('http_proxy/'+port+'/squid/source');\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 3.2.12 / 3.3.7' + '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port:port);\n }\n else not_vuln_list = make_list(not_vuln_list, version + \" on port \" + port);\n}\n\nif (vulnerable) exit(0);\nelse\n{\n installs = max_index(not_vuln_list);\n if (installs == 0) audit(AUDIT_NOT_INST, \"Squid\");\n else if (installs == 1)\n audit(AUDIT_INST_VER_NOT_VULN, \"Squid\", not_vuln_list[0]);\n else\n exit(0, \"The Squid installs (\"+ join(not_vuln_list, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:26", "description": "Squid versions prior to 3.3.13 and 3.4.7 are potentially affected by a denial of service vulnerability due to an error in the 'src/HttpHdrRange.cc' file.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "published": "2014-09-11T00:00:00", "type": "nessus", "title": "Squid 3.3.x < 3.3.13 / 3.4.x < 3.4.7 Request Parsing Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*"], "id": "8384.PRM", "href": "https://www.tenable.com/plugins/nnm/8384", "sourceData": "Binary data 8384.prm", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:37", "description": "Updated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-04T00:00:00", "type": "nessus", "title": "RHEL 7 : squid (RHSA-2014:1147)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid", "p-cpe:/a:redhat:enterprise_linux:squid-debuginfo", "p-cpe:/a:redhat:enterprise_linux:squid-sysvinit", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2014-1147.NASL", "href": "https://www.tenable.com/plugins/nessus/77522", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1147. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77522);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_xref(name:\"RHSA\", value:\"2014:1147\");\n\n script_name(english:\"RHEL 7 : squid (RHSA-2014:1147)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling this update, the squid service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3609\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected squid, squid-debuginfo and / or squid-sysvinit\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1147\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-3.3.8-12.el7_0\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-3.3.8-12.el7_0\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-debuginfo-3.3.8-12.el7_0\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.3.8-12.el7_0\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-sysvinit-3.3.8-12.el7_0\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.3.8-12.el7_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-sysvinit\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:45", "description": "Matthew Daley discovered that Squid3, a fully featured web proxy cache, did not properly perform input validation in request parsing. A remote attacker could use this flaw to mount a denial of service by sending crafted Range requests.", "cvss3": {"score": null, "vector": null}, "published": "2014-08-29T00:00:00", "type": "nessus", "title": "Debian DSA-3014-1 : squid3 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid3", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3014.NASL", "href": "https://www.tenable.com/plugins/nessus/77422", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3014. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77422);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_xref(name:\"DSA\", value:\"3014\");\n\n script_name(english:\"Debian DSA-3014-1 : squid3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley discovered that Squid3, a fully featured web proxy\ncache, did not properly perform input validation in request parsing. A\nremote attacker could use this flaw to mount a denial of service by\nsending crafted Range requests.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/squid3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3014\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the squid3 packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.1.20-2.2+deb7u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"squid-cgi\", reference:\"3.1.20-2.2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3\", reference:\"3.1.20-2.2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3-common\", reference:\"3.1.20-2.2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3-dbg\", reference:\"3.1.20-2.2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squidclient\", reference:\"3.1.20-2.2+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:47:08", "description": "Matthew Daley discovered that squid, a web proxy cache, does not properly perform input validation when parsing requests. A remote attacker could use this flaw to mount a denial of service attack, by sending specially crafted Range requests.", "cvss3": {"score": null, "vector": null}, "published": "2015-01-27T00:00:00", "type": "nessus", "title": "Debian DSA-3139-1 : squid - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3139.NASL", "href": "https://www.tenable.com/plugins/nessus/81006", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3139. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81006);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_xref(name:\"DSA\", value:\"3139\");\n\n script_name(english:\"Debian DSA-3139-1 : squid - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley discovered that squid, a web proxy cache, does not\nproperly perform input validation when parsing requests. A remote\nattacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/squid\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3139\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the squid packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 2.7.STABLE9-4.1+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"squid\", reference:\"2.7.STABLE9-4.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid-common\", reference:\"2.7.STABLE9-4.1+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:37", "description": "This update fixes the following security issues and bugs with squid :\n\nA denial of Service in Range header processing was fixed that could be used by proxy users to crash squid. (CVE-2014-3609)\n\nAlso the following bugs were fixed :\n\n - bnc#894840: removed unnecessary 'sharedscripts' in squid's logrotate snippet\n\n - bnc#894636: fixes run of init script when logrotate is called", "cvss3": {"score": null, "vector": null}, "published": "2014-09-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : squid (openSUSE-SU-2014:1144-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource", "cpe:/o:novell:opensuse:12.3", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-548.NASL", "href": "https://www.tenable.com/plugins/nessus/77777", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-548.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77777);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2014:1144-1)\");\n script_summary(english:\"Check for the openSUSE-2014-548 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues and bugs with squid :\n\nA denial of Service in Range header processing was fixed that could be\nused by proxy users to crash squid. (CVE-2014-3609)\n\nAlso the following bugs were fixed :\n\n - bnc#894840: removed unnecessary 'sharedscripts' in\n squid's logrotate snippet\n\n - bnc#894636: fixes run of init script when logrotate is\n called\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=893649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=894636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=894840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-09/msg00029.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"squid-3.3.13-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"squid-debuginfo-3.3.13-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"squid-debugsource-3.3.13-2.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:42", "description": "Security fix for CVE-2014-3609\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-23T00:00:00", "type": "nessus", "title": "Fedora 21 : squid-3.4.7-1.fc21 (2014-9882)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2014-9882.NASL", "href": "https://www.tenable.com/plugins/nessus/77799", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9882.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77799);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_xref(name:\"FEDORA\", value:\"2014-9882\");\n\n script_name(english:\"Fedora 21 : squid-3.4.7-1.fc21 (2014-9882)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-3609\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1134209\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138206.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b42df45\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"squid-3.4.7-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:39", "description": "Updated squid packages fix security vulnerability :\n\nMatthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service (CVE-2014-3609).", "cvss3": {"score": null, "vector": null}, "published": "2014-09-12T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : squid (MDVSA-2014:177)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:squid", "p-cpe:/a:mandriva:linux:squid-cachemgr", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2014-177.NASL", "href": "https://www.tenable.com/plugins/nessus/77656", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:177. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77656);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_xref(name:\"MDVSA\", value:\"2014:177\");\n\n script_name(english:\"Mandriva Linux Security Advisory : squid (MDVSA-2014:177)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages fix security vulnerability :\n\nMatthew Daley discovered that Squid 3 did not properly perform input\nvalidation in request parsing. A remote attacker could send crafted\nRange requests to cause a denial of service (CVE-2014-3609).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0369.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-cachemgr packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid-cachemgr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"squid-3.1.19-6.4.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"squid-cachemgr-3.1.19-6.4.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:46:16", "description": "CVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-05-01T00:00:00", "type": "nessus", "title": "Debian DLA-216-1 : squid security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid", "p-cpe:/a:debian:debian_linux:squid-common", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-216.NASL", "href": "https://www.tenable.com/plugins/nessus/83168", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-216-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83168);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n\n script_name(english:\"Debian DLA-216-1 : squid security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid\nis unable to determine the byte value for ranges, treat the header as\ninvalid.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/04/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/squid\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected squid, and squid-common packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"squid\", reference:\"2.7.STABLE9-2.1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squid-common\", reference:\"2.7.STABLE9-2.1+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:32", "description": "Security fix for CVE-2014-3609\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-08T00:00:00", "type": "nessus", "title": "Fedora 20 : squid-3.3.13-1.fc20 (2014-9948)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-9948.NASL", "href": "https://www.tenable.com/plugins/nessus/77559", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9948.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77559);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_xref(name:\"FEDORA\", value:\"2014-9948\");\n\n script_name(english:\"Fedora 20 : squid-3.3.13-1.fc20 (2014-9948)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-3609\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1134209\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137253.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?455fbcfd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"squid-3.3.13-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:40", "description": "Squid3 was updated to fix a denial of service in Range Header processing, which would have allowed proxy users to crash the squid proxy process. (CVE-2014-3609)", "cvss3": {"score": null, "vector": null}, "published": "2014-09-18T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : squid3 (SAT Patch Number 9729)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:squid3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_SQUID3-140912.NASL", "href": "https://www.tenable.com/plugins/nessus/77743", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77743);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3609\");\n\n script_name(english:\"SuSE 11.3 Security Update : squid3 (SAT Patch Number 9729)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squid3 was updated to fix a denial of service in Range Header\nprocessing, which would have allowed proxy users to crash the squid\nproxy process. (CVE-2014-3609)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=893649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3609.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9729.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"squid3-3.1.12-8.16.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:29", "description": "Updated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-04T00:00:00", "type": "nessus", "title": "CentOS 7 : squid (CESA-2014:1147)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squid", "p-cpe:/a:centos:centos:squid-sysvinit", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2014-1147.NASL", "href": "https://www.tenable.com/plugins/nessus/77508", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1147 and \n# CentOS Errata and Security Advisory 2014:1147 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77508);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_xref(name:\"RHSA\", value:\"2014:1147\");\n\n script_name(english:\"CentOS 7 : squid (CESA-2014:1147)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling this update, the squid service will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-September/020531.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?650e5019\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3609\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-3.3.8-12.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.3.8-12.el7_0\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:37", "description": "From Red Hat Security Advisory 2014:1147 :\n\nUpdated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-04T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : squid (ELSA-2014-1147)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squid", "p-cpe:/a:oracle:linux:squid-sysvinit", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2014-1147.NASL", "href": "https://www.tenable.com/plugins/nessus/77516", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1147 and \n# Oracle Linux Security Advisory ELSA-2014-1147 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77516);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_xref(name:\"RHSA\", value:\"2014:1147\");\n\n script_name(english:\"Oracle Linux 7 : squid (ELSA-2014-1147)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1147 :\n\nUpdated squid packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling this update, the squid service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004398.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-3.3.8-12.el7_0\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.3.8-12.el7_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:32", "description": "Security fix for CVE-2014-3609\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-11T00:00:00", "type": "nessus", "title": "Fedora 19 : squid-3.3.13-1.fc19 (2014-9963)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-9963.NASL", "href": "https://www.tenable.com/plugins/nessus/77617", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9963.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77617);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_xref(name:\"FEDORA\", value:\"2014-9963\");\n\n script_name(english:\"Fedora 19 : squid-3.3.13-1.fc19 (2014-9963)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-3609\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1134209\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137519.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3946d539\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"squid-3.3.13-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:50", "description": "Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-08-28T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS : squid3 vulnerability (USN-2327-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:squid3", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2327-1.NASL", "href": "https://www.tenable.com/plugins/nessus/77420", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2327-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77420);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_xref(name:\"USN\", value:\"2327-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS : squid3 vulnerability (USN-2327-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley discovered that Squid 3 did not properly perform input\nvalidation in request parsing. A remote attacker could send crafted\nRange requests to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2327-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"squid3\", pkgver:\"3.1.19-1ubuntu3.12.04.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"squid3\", pkgver:\"3.3.8-1ubuntu6.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:46:22", "description": "CVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-45-1 : squid3 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid-cgi", "p-cpe:/a:debian:debian_linux:squid3", "p-cpe:/a:debian:debian_linux:squid3-common", "p-cpe:/a:debian:debian_linux:squid3-dbg", "p-cpe:/a:debian:debian_linux:squidclient", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-45.NASL", "href": "https://www.tenable.com/plugins/nessus/82192", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-45-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82192);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n\n script_name(english:\"Debian DLA-45-1 : squid3 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid\nis unable to determine the byte value for ranges, treat the header as\ninvalid.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/09/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/squid3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squidclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"squid-cgi\", reference:\"3.1.6-1.2+squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squid3\", reference:\"3.1.6-1.2+squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squid3-common\", reference:\"3.1.6-1.2+squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squid3-dbg\", reference:\"3.1.6-1.2+squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squidclient\", reference:\"3.1.6-1.2+squeeze4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:40", "description": "According to its banner, the version of Squid running on the remote host is 3.x prior to 3.3.13 or 3.4.7. It is, therefore, affected by a denial of service vulnerability.\n\nThe flaw exists due to user-supplied input not being properly validated in request parsing. This allows a remote attacker to specially craft a request with Range headers with unidentifiable byte-range values to crash the application.\n\nNote that Nessus has relied only on the version in the proxy server's banner. The patch released to address the issue does not update the version in the banner. If the patch has been applied properly, and the service has been restarted, consider this to be a false positive.", "cvss3": {"score": null, "vector": null}, "published": "2014-09-30T00:00:00", "type": "nessus", "title": "Squid 3.x < 3.3.13 / 3.4.7 Request Processing DoS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2018-07-30T00:00:00", "cpe": ["cpe:/a:squid-cache:squid"], "id": "SQUID_3_4_7.NASL", "href": "https://www.tenable.com/plugins/nessus/77985", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77985);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/07/30 15:31:32\");\n\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n\n script_name(english:\"Squid 3.x < 3.3.13 / 3.4.7 Request Processing DoS\");\n script_summary(english:\"Checks the version of Squid.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.3.13 or 3.4.7. It is, therefore, affected by a\ndenial of service vulnerability.\n\nThe flaw exists due to user-supplied input not being properly\nvalidated in request parsing. This allows a remote attacker to\nspecially craft a request with Range headers with unidentifiable\nbyte-range values to crash the application.\n\nNote that Nessus has relied only on the version in the proxy server's\nbanner. The patch released to address the issue does not update the\nversion in the banner. If the patch has been applied properly, and the\nservice has been restarted, consider this to be a false positive.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2014_2.txt\");\n # http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID_3_4_7.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b9a745a4\");\n # http://www.squid-cache.org/Versions/v3/3.3/changesets/SQUID_3_3_13.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e2b5e3b7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Squid version 3.3.13 / 3.4.7 or later, or apply the\nvendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/30\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"www/squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Build a list of ports from the\nlist = get_kb_list(\"http_proxy/*/squid/version\");\nif (isnull(list)) audit(AUDIT_NOT_INST, \"Squid\");\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvulnerable = FALSE;\nnot_vuln_list = make_list();\n\nforeach item (keys(list))\n{\n port = ereg_replace(pattern:'^http_proxy/([0-9]+)/squid/version', replace:'\\\\1', string:item);\n version = list[item];\n\n # Affected:\n # Squid 3.x < 3.3.13\n # Squid 3.4.x < 3.4.7\n if (\n version =~ \"^3\\.[0-2]([^0-9]|$)\" ||\n version =~ \"^3\\.3\\.([0-9]|1[0-2])([^0-9]|$)\" ||\n version =~ \"^3\\.4\\.[0-6]([^0-9]|$)\"\n )\n {\n vulnerable = TRUE;\n if (report_verbosity > 0)\n {\n source = get_kb_item('http_proxy/'+port+'/squid/source');\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 3.3.13 / 3.4.7' + \n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n }\n else not_vuln_list = make_list(not_vuln_list, version + \" on port \" + port);\n}\n\nif (vulnerable) exit(0);\nelse\n{\n installs = max_index(not_vuln_list);\n if (installs == 0) audit(AUDIT_NOT_INST, \"Squid\");\n else if (installs == 1)\n audit(AUDIT_INST_VER_NOT_VULN, \"Squid\", not_vuln_list[0]);\n else\n exit(0, \"The Squid installs (\"+ join(not_vuln_list, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:53:24", "description": "This is security update that fixes CVE-2013-4123 and CVE-2013-4115.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-08-05T00:00:00", "type": "nessus", "title": "Fedora 19 : squid-3.2.13-1.fc19 (2013-13468)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2013-13468.NASL", "href": "https://www.tenable.com/plugins/nessus/69201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-13468.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69201);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n script_bugtraq_id(61111, 61159);\n script_xref(name:\"FEDORA\", value:\"2013-13468\");\n\n script_name(english:\"Fedora 19 : squid-3.2.13-1.fc19 (2013-13468)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is security update that fixes CVE-2013-4123 and CVE-2013-4115.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=983653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=984632\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113058.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?39ac4bd9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"squid-3.2.13-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:26", "description": "This is security update that fixes CVE-2013-4123 and CVE-2013-4115.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-08-05T00:00:00", "type": "nessus", "title": "Fedora 18 : squid-3.2.13-1.fc18 (2013-13493)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-13493.NASL", "href": "https://www.tenable.com/plugins/nessus/69204", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-13493.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69204);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n script_bugtraq_id(61111, 61159);\n script_xref(name:\"FEDORA\", value:\"2013-13493\");\n\n script_name(english:\"Fedora 18 : squid-3.2.13-1.fc18 (2013-13493)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is security update that fixes CVE-2013-4123 and CVE-2013-4115.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=983653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=984632\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113071.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?85a1ac71\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"squid-3.2.13-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:27", "description": "This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes problems identifying a port number as specified by the client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2013-699.NASL", "href": "https://www.tenable.com/plugins/nessus/75140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-699.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75140);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)\");\n script_summary(english:\"Check for the openSUSE-2013-699 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=830319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:27", "description": "This squid update includes several security fixes and minor changes.\n\n - squid-2.7.x-bnc829084-CVE-2013-4115-BO_request_handling.\n diff Squid advisory SQUID-2013_2, CVE-2013-4115, [bnc#829084] Specially crafted http requests can trigger a buffer overflow when squid attempts to resolve an overly long hostname.\n\n - squid-2.7.x-bnc796999-bnc794954-CVE-2012-5643-CVE-2013-0 188-cachemgr_cgi_dos.diff memory leak in cachemgr.cgi known as CVE-2013-0189, which is the underfixed CVE-2012-5643 problem. [bnc#796999] [bnc#794954]\n\n - run logrotate as squid:nogroup [bnc#677335]", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : squid (openSUSE-SU-2013:1436-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5643", "CVE-2013-0189", "CVE-2013-4115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-698.NASL", "href": "https://www.tenable.com/plugins/nessus/75139", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-698.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75139);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-5643\", \"CVE-2013-0189\", \"CVE-2013-4115\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2013:1436-1)\");\n script_summary(english:\"Check for the openSUSE-2013-698 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update includes several security fixes and minor changes.\n\n -\n squid-2.7.x-bnc829084-CVE-2013-4115-BO_request_handling.\n diff Squid advisory SQUID-2013_2, CVE-2013-4115,\n [bnc#829084] Specially crafted http requests can trigger\n a buffer overflow when squid attempts to resolve an\n overly long hostname.\n\n -\n squid-2.7.x-bnc796999-bnc794954-CVE-2012-5643-CVE-2013-0\n 188-cachemgr_cgi_dos.diff memory leak in cachemgr.cgi\n known as CVE-2013-0189, which is the underfixed\n CVE-2012-5643 problem. [bnc#796999] [bnc#794954]\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=794954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=796999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-09/msg00025.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid-2.7.STABLE9-9.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid-debuginfo-2.7.STABLE9-9.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid-debugsource-2.7.STABLE9-9.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:36", "description": "Updated squid packages fix security vulnerabilities :\n\nDue to incorrect state management, Squid before 3.3.12 is vulnerable to a denial of service attack when processing certain HTTPS requests if the SSL-Bump feature is enabled (CVE-2014-0128).\n\nMatthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service (CVE-2014-3609).\n\nDue to incorrect buffer management Squid can be caused by an attacker to write outside its allocated SNMP buffer (CVE-2014-6270).\n\nDue to incorrect bounds checking Squid pinger binary is vulnerable to denial of service or information leak attack when processing larger than normal ICMP or ICMPv6 packets (CVE-2014-7141).\n\nDue to incorrect input validation Squid pinger binary is vulnerable to denial of service or information leak attacks when processing ICMP or ICMPv6 packets (CVE-2014-7142).", "cvss3": {"score": null, "vector": null}, "published": "2015-03-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : squid (MDVSA-2015:103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0128", "CVE-2014-3609", "CVE-2014-6270", "CVE-2014-7141", "CVE-2014-7142"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:squid", "p-cpe:/a:mandriva:linux:squid-cachemgr", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-103.NASL", "href": "https://www.tenable.com/plugins/nessus/82356", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:103. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82356);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0128\", \"CVE-2014-3609\", \"CVE-2014-6270\", \"CVE-2014-7141\", \"CVE-2014-7142\");\n script_xref(name:\"MDVSA\", value:\"2015:103\");\n\n script_name(english:\"Mandriva Linux Security Advisory : squid (MDVSA-2015:103)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages fix security vulnerabilities :\n\nDue to incorrect state management, Squid before 3.3.12 is vulnerable\nto a denial of service attack when processing certain HTTPS requests\nif the SSL-Bump feature is enabled (CVE-2014-0128).\n\nMatthew Daley discovered that Squid 3 did not properly perform input\nvalidation in request parsing. A remote attacker could send crafted\nRange requests to cause a denial of service (CVE-2014-3609).\n\nDue to incorrect buffer management Squid can be caused by an attacker\nto write outside its allocated SNMP buffer (CVE-2014-6270).\n\nDue to incorrect bounds checking Squid pinger binary is vulnerable to\ndenial of service or information leak attack when processing larger\nthan normal ICMP or ICMPv6 packets (CVE-2014-7141).\n\nDue to incorrect input validation Squid pinger binary is vulnerable to\ndenial of service or information leak attacks when processing ICMP or\nICMPv6 packets (CVE-2014-7142).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0168.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0369.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0396.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-cachemgr packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid-cachemgr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"squid-3.3.13-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"squid-cachemgr-3.3.13-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:52:39", "description": "The remote host is affected by the vulnerability described in GLSA-201309-22 (Squid: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker may be able to bypass ACL restrictions or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-28T00:00:00", "type": "nessus", "title": "GLSA-201309-22 : Squid: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0801", "CVE-2011-4096", "CVE-2012-5643", "CVE-2013-0189", "CVE-2013-1839", "CVE-2013-4115", "CVE-2013-4123"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:squid", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201309-22.NASL", "href": "https://www.tenable.com/plugins/nessus/70182", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201309-22.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70182);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0801\", \"CVE-2011-4096\", \"CVE-2012-5643\", \"CVE-2013-0189\", \"CVE-2013-1839\", \"CVE-2013-4115\", \"CVE-2013-4123\");\n script_bugtraq_id(33858, 50449, 56957, 57646, 58316, 61111, 61159);\n script_xref(name:\"GLSA\", value:\"201309-22\");\n\n script_name(english:\"GLSA-201309-22 : Squid: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201309-22\n(Squid: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Squid. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to bypass ACL restrictions or cause a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201309-22\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Squid users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-proxy/squid-3.2.13'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-proxy/squid\", unaffected:make_list(\"ge 3.2.13\"), vulnerable:make_list(\"lt 3.2.13\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Squid\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-07-05T17:14:22", "description": "This update for squid3 fixes the following issues :\n\n - Multiple issues in pinger ICMP processing.\n (CVE-2014-7141, CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010)\n\n - fix multiple Denial of Service issues in HTTP Response processing. (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393, bsc#968394, bsc#968395)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 :\n\n - fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:1996-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3205", "CVE-2011-4096", "CVE-2012-5643", "CVE-2013-0188", "CVE-2013-4115", "CVE-2014-0128", "CVE-2014-6270", "CVE-2014-7141", "CVE-2014-7142", "CVE-2015-5400", "CVE-2016-2390", "CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-1996-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93271", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1996-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93271);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3205\", \"CVE-2011-4096\", \"CVE-2012-5643\", \"CVE-2013-0188\", \"CVE-2013-4115\", \"CVE-2014-0128\", \"CVE-2014-6270\", \"CVE-2014-7141\", \"CVE-2014-7142\", \"CVE-2015-5400\", \"CVE-2016-2390\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_bugtraq_id(49356, 50449, 56957, 61111, 66112, 69686, 69688, 70022);\n\n script_name(english:\"SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:1996-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid3 fixes the following issues :\n\n - Multiple issues in pinger ICMP processing.\n (CVE-2014-7141, CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - fix multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 :\n\n - fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc\n (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path\n (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem\n (bsc#895773)\n\n - Memory leak in squid3 when using external_acl\n (bsc#976708)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2011-3205/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2011-4096/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-5643/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-0188/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4115/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-0128/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-6270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7141/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7142/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5400/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2390/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2570/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2571/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2572/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3947/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3948/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4553/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4554/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4555/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4556/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161996-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f570bb57\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-squid3-12682=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-squid3-12682=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"squid3-3.1.23-8.16.27.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-05T17:16:57", "description": "This update for squid3 fixes the following issues :\n\n - Multiple issues in pinger ICMP processing.\n (CVE-2014-7141, CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010)\n\n - Fix multiple Denial of Service issues in HTTP Response processing. (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393, bsc#968394, bsc#968395)\n\n - Regression caused by the DoS fixes above (bsc#993299)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 :\n\n - fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:2089-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3205", "CVE-2011-4096", "CVE-2012-5643", "CVE-2013-0188", "CVE-2013-4115", "CVE-2014-0128", "CVE-2014-6270", "CVE-2014-7141", "CVE-2014-7142", "CVE-2015-5400", "CVE-2016-2390", "CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2089-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93294", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2089-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93294);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3205\", \"CVE-2011-4096\", \"CVE-2012-5643\", \"CVE-2013-0188\", \"CVE-2013-4115\", \"CVE-2014-0128\", \"CVE-2014-6270\", \"CVE-2014-7141\", \"CVE-2014-7142\", \"CVE-2015-5400\", \"CVE-2016-2390\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_bugtraq_id(49356, 50449, 56957, 61111, 66112, 69686, 69688, 70022);\n\n script_name(english:\"SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:2089-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid3 fixes the following issues :\n\n - Multiple issues in pinger ICMP processing.\n (CVE-2014-7141, CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - Fix multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - Regression caused by the DoS fixes above (bsc#993299)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 :\n\n - fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc\n (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path\n (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem\n (bsc#895773)\n\n - Memory leak in squid3 when using external_acl\n (bsc#976708)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=993299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2011-3205/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2011-4096/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-5643/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-0188/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4115/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-0128/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-6270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7141/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7142/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5400/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2390/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2570/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2571/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2572/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3947/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3948/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4553/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4554/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4555/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4556/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162089-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce87cdd0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-squid3-12701=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-squid3-12701=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"squid3-3.1.23-8.16.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:42", "description": "[7:3.1.10-22]\n- Resolves: #1134936 - CVE-2013-4115 buffer overflow when processing overly long DNS names\n[7:3.1.10-21]\n- Resolves: #1134936 - CVE-2014-3609 assertion failure in header processing", "cvss3": {}, "published": "2014-09-03T00:00:00", "type": "oraclelinux", "title": "squid security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2014-09-03T00:00:00", "id": "ELSA-2014-1148", "href": "http://linux.oracle.com/errata/ELSA-2014-1148.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:57", "description": "[7:3.3.8-12]\n- Resolves: #1134933 - CVE-2014-3609 assertion failure in header processing", "cvss3": {}, "published": "2014-09-03T00:00:00", "type": "oraclelinux", "title": "squid security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-03T00:00:00", "id": "ELSA-2014-1147", "href": "http://linux.oracle.com/errata/ELSA-2014-1147.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-19T18:40:13", "description": "Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\n", "cvss3": {}, "published": "2014-09-03T00:00:00", "type": "redhat", "title": "(RHSA-2014:1148) Important: squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2018-06-06T16:24:22", "id": "RHSA-2014:1148", "href": "https://access.redhat.com/errata/RHSA-2014:1148", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:42:12", "description": "Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the squid service will be restarted automatically.\n", "cvss3": {}, "published": "2014-09-03T00:00:00", "type": "redhat", "title": "(RHSA-2014:1147) Important: squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2018-04-11T23:32:38", "id": "RHSA-2014:1147", "href": "https://access.redhat.com/errata/RHSA-2014:1147", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:39", "description": "Oracle Linux Local Security Checks ELSA-2014-1148", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-1148", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123322", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123322", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1148.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123322\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:15 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1148\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1148 - squid security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1148\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1148.html\");\n script_cve_id(\"CVE-2014-3609\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~2.6.STABLE21~7.el5_10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~22.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:00:59", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120080", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120080", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120080\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:16:59 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-411)\");\n script_tag(name:\"insight\", value:\"A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609 )A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115 )\");\n script_tag(name:\"solution\", value:\"Run yum update squid to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-411.html\");\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.1.10~22.16.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~22.16.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-09-04T00:00:00", "type": "openvas", "title": "RedHat Update for squid RHSA-2014:1148-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871232", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871232", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squid RHSA-2014:1148-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871232\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-04 05:57:09 +0200 (Thu, 04 Sep 2014)\");\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for squid RHSA-2014:1148-01\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"squid on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"RHSA\", value:\"2014:1148-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-September/msg00011.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~22.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.1.10~22.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~2.6.STABLE21~7.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~2.6.STABLE21~7.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-09-04T00:00:00", "type": "openvas", "title": "CentOS Update for squid CESA-2014:1148 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881993", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881993", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squid CESA-2014:1148 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881993\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-04 05:57:49 +0200 (Thu, 04 Sep 2014)\");\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for squid CESA-2014:1148 centos5\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching\nserver for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"squid on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:1148\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-September/020537.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~2.6.STABLE21~7.el5_10\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-09-04T00:00:00", "type": "openvas", "title": "CentOS Update for squid CESA-2014:1148 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881996", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881996", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squid CESA-2014:1148 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881996\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-04 05:58:07 +0200 (Thu, 04 Sep 2014)\");\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for squid CESA-2014:1148 centos6\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching\nserver for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"squid on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:1148\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-September/020534.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~22.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-09-11T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-9963", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123", "CVE-2014-3609"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868180", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868180", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-9963\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868180\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-11 05:56:51 +0200 (Thu, 11 Sep 2014)\");\n script_cve_id(\"CVE-2014-3609\", \"CVE-2013-4123\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-9963\");\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9963\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137519.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.13~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:01:03", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-433)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0128", "CVE-2013-4115", "CVE-2014-3609"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120342", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120342\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:24:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-433)\");\n script_tag(name:\"insight\", value:\"A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609 )A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115 )Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. (CVE-2014-0128 )\");\n script_tag(name:\"solution\", value:\"Run yum update squid to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-433.html\");\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\", \"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~29.17.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.1.10~29.17.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:45", "description": "Check the version of squid", "cvss3": {}, "published": "2014-10-15T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-10794", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-6270", "CVE-2013-4115", "CVE-2013-4123", "CVE-2014-3609"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868397", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868397", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-10794\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868397\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-15 06:01:46 +0200 (Wed, 15 Oct 2014)\");\n script_cve_id(\"CVE-2014-6270\", \"CVE-2014-3609\", \"CVE-2013-4123\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-10794\");\n script_tag(name:\"summary\", value:\"Check the version of squid\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-10794\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/140795.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.13~2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:04", "description": "Matthew Daley discovered that squid,\na web proxy cache, does not properly perform input validation when parsing requests.\nA remote attacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.", "cvss3": {}, "published": "2015-01-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3139-1 (squid - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703139", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703139", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3139.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3139-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703139\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2014-3609\");\n script_name(\"Debian Security Advisory DSA 3139-1 (squid - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-25 00:00:00 +0100 (Sun, 25 Jan 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3139.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"squid on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy),\nthis problem has been fixed in version 2.7.STABLE9-4.1+deb7u1.\n\nWe recommend that you upgrade your squid packages.\");\n script_tag(name:\"summary\", value:\"Matthew Daley discovered that squid,\na web proxy cache, does not properly perform input validation when parsing requests.\nA remote attacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"squid\", ver:\"2.7.STABLE9-4.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid-common\", ver:\"2.7.STABLE9-4.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:30", "description": "Matthew Daley discovered that Squid3, a fully featured web proxy cache,\ndid not properly perform input validation in request parsing. A remote\nattacker could use this flaw to mount a denial of service by sending\ncrafted Range requests.", "cvss3": {}, "published": "2014-08-28T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3014-1 (squid3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310703014", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703014", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3014.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 3014-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703014\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-3609\");\n script_name(\"Debian Security Advisory DSA 3014-1 (squid3 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-28 00:00:00 +0200 (Thu, 28 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-3014.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"squid3 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), this problem has been fixed in\nversion 3.1.20-2.2+deb7u2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your squid3 packages.\");\n script_tag(name:\"summary\", value:\"Matthew Daley discovered that Squid3, a fully featured web proxy cache,\ndid not properly perform input validation in request parsing. A remote\nattacker could use this flaw to mount a denial of service by sending\ncrafted Range requests.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T18:37:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for squid3 (SUSE-SU-2014:1140-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850753", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850753", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850753\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 18:35:00 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for squid3 (SUSE-SU-2014:1140-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid3'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Squid3 was updated to fix a denial of service in Range Header processing,\n which would have allowed proxy users to crash the squid proxy process.\n (CVE-2014-3609)\");\n\n script_tag(name:\"affected\", value:\"squid3 on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:1140-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"squid3\", rpm:\"squid3~3.1.12~8.16.20.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-09-10T00:00:00", "type": "openvas", "title": "CentOS Update for squid CESA-2014:1147 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310882006", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882006", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squid CESA-2014:1147 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882006\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-10 06:20:13 +0200 (Wed, 10 Sep 2014)\");\n script_cve_id(\"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for squid CESA-2014:1147 centos7\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching\nserver for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the squid service will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"squid on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:1147\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-September/020531.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.8~12.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-sysvinit\", rpm:\"squid-sysvinit~3.3.8~12.el7_0\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-29T00:00:00", "type": "openvas", "title": "Ubuntu Update for squid3 USN-2327-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841945", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841945", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2327_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for squid3 USN-2327-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841945\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-29 05:52:18 +0200 (Fri, 29 Aug 2014)\");\n script_cve_id(\"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Ubuntu Update for squid3 USN-2327-1\");\n\n script_tag(name:\"affected\", value:\"squid3 on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley discovered that Squid 3 did not properly perform\ninput validation in request parsing. A remote attacker could send crafted Range\nrequests to cause a denial of service.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2327-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2327-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid3'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.3.8-1ubuntu6.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.19-1ubuntu3.12.04.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-09-06T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-9948", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868166", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868166", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-9948\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868166\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-06 05:51:41 +0200 (Sat, 06 Sep 2014)\");\n script_cve_id(\"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-9948\");\n script_tag(name:\"affected\", value:\"squid on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9948\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137253.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.13~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:56", "description": "Oracle Linux Local Security Checks ELSA-2014-1147", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-1147", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123323", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123323", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1147.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123323\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:16 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1147\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1147 - squid security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1147\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1147.html\");\n script_cve_id(\"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.8~12.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"squid-sysvinit\", rpm:\"squid-sysvinit~3.3.8~12.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-31T10:48:57", "description": "Matthew Daley discovered that Squid3, a fully featured web proxy cache,\ndid not properly perform input validation in request parsing. A remote\nattacker could use this flaw to mount a denial of service by sending\ncrafted Range requests.", "cvss3": {}, "published": "2014-08-28T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3014-1 (squid3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2017-07-14T00:00:00", "id": "OPENVAS:703014", "href": "http://plugins.openvas.org/nasl.php?oid=703014", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3014.nasl 6724 2017-07-14 09:57:17Z teissa $\n# Auto-generated from advisory DSA 3014-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"squid3 on Debian Linux\";\ntag_insight = \"Squid is a high-performance proxy caching server for web clients, supporting\nFTP, gopher, and HTTP data objects.\";\ntag_solution = \"For the stable distribution (wheezy), this problem has been fixed in\nversion 3.1.20-2.2+deb7u2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your squid3 packages.\";\ntag_summary = \"Matthew Daley discovered that Squid3, a fully featured web proxy cache,\ndid not properly perform input validation in request parsing. A remote\nattacker could use this flaw to mount a denial of service by sending\ncrafted Range requests.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(703014);\n script_version(\"$Revision: 6724 $\");\n script_cve_id(\"CVE-2014-3609\");\n script_name(\"Debian Security Advisory DSA 3014-1 (squid3 - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-14 11:57:17 +0200 (Fri, 14 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-08-28 00:00:00 +0200 (Thu, 28 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3014.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.1.20-2.2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:52:48", "description": "Matthew Daley discovered that squid,\na web proxy cache, does not properly perform input validation when parsing requests.\nA remote attacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.", "cvss3": {}, "published": "2015-01-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3139-1 (squid - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703139", "href": "http://plugins.openvas.org/nasl.php?oid=703139", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3139.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3139-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703139);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2014-3609\");\n script_name(\"Debian Security Advisory DSA 3139-1 (squid - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-01-25 00:00:00 +0100 (Sun, 25 Jan 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3139.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"squid on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package provides the Squid Internet\nObject Cache developed by the National Laboratory for Applied Networking Research\n(NLANR) and Internet volunteers.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthis problem has been fixed in version 2.7.STABLE9-4.1+deb7u1.\n\nWe recommend that you upgrade your squid packages.\");\n script_tag(name: \"summary\", value: \"Matthew Daley discovered that squid,\na web proxy cache, does not properly perform input validation when parsing requests.\nA remote attacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squid\", ver:\"2.7.STABLE9-4.1+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-common\", ver:\"2.7.STABLE9-4.1+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:06", "description": "This host is running Squid and is prone\n to denial of service vulnerability.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Squid HTTP Range Request Handling Denial of Service Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310806106", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806106", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid HTTP Range Request Handling Denial of Service Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:squid-cache:squid\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806106\");\n script_version(\"2019-05-20T11:12:48+0000\");\n script_cve_id(\"CVE-2014-3609\");\n script_bugtraq_id(69453);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 11:12:48 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 16:31:16 +0530 (Tue, 08 Sep 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Squid HTTP Range Request Handling Denial of Service Vulnerability\");\n\n script_tag(name:\"summary\", value:\"This host is running Squid and is prone\n to denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to incorrect input validation in request parsing Squid is\n vulnerable to a denial of service attack when processing\n Range requests.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.x -> 3.3.12\n Squid 3.4 -> 3.4.6\");\n\n script_tag(name:\"solution\", value:\"Apply the patch or upgrade to version\n Squid 3.4.7, 3.3.13 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2014_2.txt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_squid_detect.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\");\n script_require_ports(\"Services/www\", 3128, 8080);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!squidPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!squidVer = get_app_version(cpe:CPE, port:squidPort)){\n exit(0);\n}\n\nif(squidVer !~ \"^3\\.\"){\n exit(99);\n}\n\nif(version_is_less(version:squidVer, test_version:\"3.3.13\"))\n{\n VULN =TRUE;\n Fix = \"3.3.13\";\n}\n\nelse if(version_in_range(version:squidVer, test_version:\"3.4\", test_version2:\"3.4.6\"))\n{\n VULN =TRUE;\n Fix = \"3.4.7\";\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + squidVer + '\\n' +\n 'Fixed version: ' + Fix + '\\n';\n\n security_message(data:report, port:squidPort);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-09-04T00:00:00", "type": "openvas", "title": "RedHat Update for squid RHSA-2014:1147-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871235", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871235", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squid RHSA-2014:1147-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871235\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-04 05:57:16 +0200 (Thu, 04 Sep 2014)\");\n script_cve_id(\"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for squid RHSA-2014:1147-01\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the squid service will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"squid on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"RHSA\", value:\"2014:1147-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-September/msg00010.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.8~12.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.3.8~12.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2013-13468", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866539", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866539", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2013-13468\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866539\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:15:21 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2013-13468\");\n\n\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-13468\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113058.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.2.13~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-26T11:10:01", "description": "Check for the Version of squid", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2013-13468", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "modified": "2018-01-25T00:00:00", "id": "OPENVAS:866539", "href": "http://plugins.openvas.org/nasl.php?oid=866539", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2013-13468\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866539);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:15:21 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2013-13468\");\n\n tag_insight = \"Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects. Unlike traditional\ncaching software, Squid handles all requests in a single,\nnon-blocking, I/O-driven process. Squid keeps meta data and especially\nhot objects cached in RAM, caches DNS lookups, supports non-blocking\nDNS lookups, and implements negative caching of failed requests.\n\nSquid consists of a main server program squid, a Domain Name System\nlookup program (dnsserver), a program for retrieving FTP data\n(ftpget), and some management and client tools.\n\";\n\n tag_affected = \"squid on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-13468\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113058.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of squid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.2.13~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:12", "description": "Check the version of squid", "cvss3": {}, "published": "2014-10-15T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-10790", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-6270", "CVE-2014-3609"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868398", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868398", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-10790\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868398\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-15 06:02:00 +0200 (Wed, 15 Oct 2014)\");\n script_cve_id(\"CVE-2014-6270\", \"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-10790\");\n script_tag(name:\"summary\", value:\"Check the version of squid\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-10790\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/140846.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.13~2.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-04-16T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-4800", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0128", "CVE-2013-4115", "CVE-2013-4123"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-4800\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867694\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 11:10:38 +0530 (Wed, 16 Apr 2014)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-4800\");\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-4800\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131477.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.12~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:48:36", "description": "Check for the Version of squid", "cvss3": {}, "published": "2014-04-16T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-4800", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0128", "CVE-2013-4115", "CVE-2013-4123"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:867694", "href": "http://plugins.openvas.org/nasl.php?oid=867694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-4800\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867694);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 11:10:38 +0530 (Wed, 16 Apr 2014)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-4800\");\n\n tag_insight = \"Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects. Unlike traditional\ncaching software, Squid handles all requests in a single,\nnon-blocking, I/O-driven process. Squid keeps meta data and especially\nhot objects cached in RAM, caches DNS lookups, supports non-blocking\nDNS lookups, and implements negative caching of failed requests.\n\nSquid consists of a main server program squid, a Domain Name System\nlookup program (dnsserver), a program for retrieving FTP data\n(ftpget), and some management and client tools.\n\";\n\n tag_affected = \"squid on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4800\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131477.html\");\n script_summary(\"Check for the Version of squid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.12~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-08T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2013-13493", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5643", "CVE-2013-1839", "CVE-2013-4115", "CVE-2013-4123"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866446", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866446", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2013-13493\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866446\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:27:39 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2013-1839\", \"CVE-2012-5643\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for squid FEDORA-2013-13493\");\n\n\n script_tag(name:\"affected\", value:\"squid on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-13493\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113071.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.2.13~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-25T10:51:44", "description": "Check for the Version of squid", "cvss3": {}, "published": "2013-08-08T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2013-13493", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5643", "CVE-2013-1839", "CVE-2013-4115", "CVE-2013-4123"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:866446", "href": "http://plugins.openvas.org/nasl.php?oid=866446", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2013-13493\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866446);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:27:39 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2013-1839\", \"CVE-2012-5643\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for squid FEDORA-2013-13493\");\n\n tag_insight = \"Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects. Unlike traditional\ncaching software, Squid handles all requests in a single,\nnon-blocking, I/O-driven process. Squid keeps meta data and especially\nhot objects cached in RAM, caches DNS lookups, supports non-blocking\nDNS lookups, and implements negative caching of failed requests.\n\nSquid consists of a main server program squid, a Domain Name System\nlookup program (dnsserver), a program for retrieving FTP data\n(ftpget), and some management and client tools.\n\";\n\n tag_affected = \"squid on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-13493\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113071.html\");\n script_summary(\"Check for the Version of squid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.2.13~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:51", "description": "Gentoo Linux Local Security Checks GLSA 201309-22", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201309-22", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5643", "CVE-2009-0801", "CVE-2013-1839", "CVE-2013-4115", "CVE-2013-4123", "CVE-2011-4096", "CVE-2013-0189"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121036", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121036", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201309-22.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121036\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:25:58 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201309-22\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201309-22\");\n script_cve_id(\"CVE-2009-0801\", \"CVE-2011-4096\", \"CVE-2012-5643\", \"CVE-2013-0189\", \"CVE-2013-1839\", \"CVE-2013-4115\", \"CVE-2013-4123\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201309-22\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-proxy/squid\", unaffected: make_list(\"ge 3.2.13\"), vulnerable: make_list(\"lt 3.2.13\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2022-02-27T11:53:48", "description": "**CentOS Errata and Security Advisory** CESA-2014:1148\n\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2014-September/057453.html\nhttps://lists.centos.org/pipermail/centos-announce/2014-September/057456.html\n\n**Affected packages:**\nsquid\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2014:1148", "cvss3": {}, "published": "2014-09-03T23:16:08", "type": "centos", "title": "squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "modified": "2014-09-04T00:18:56", "id": "CESA-2014:1148", "href": "https://lists.centos.org/pipermail/centos-announce/2014-September/057453.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T11:53:48", "description": "**CentOS Errata and Security Advisory** CESA-2014:1147\n\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the squid service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2014-September/057450.html\n\n**Affected packages:**\nsquid\nsquid-sysvinit\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2014:1147", "cvss3": {}, "published": "2014-09-03T23:09:15", "type": "centos", "title": "squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-03T23:09:15", "id": "CESA-2014:1147", "href": "https://lists.centos.org/pipermail/centos-announce/2014-September/057450.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2014-09-10T13:25:50", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: squid-3.3.13-1.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123", "CVE-2014-3609"], "modified": "2014-09-10T13:25:50", "id": "FEDORA:B946B22D78", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/27KMENPPJAWRK4KHFNH4WX3B3VU2FEDZ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2014-10-14T04:40:30", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: squid-3.3.13-2.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123", "CVE-2014-3609", "CVE-2014-6270"], "modified": "2014-10-14T04:40:30", "id": "FEDORA:1BB6C60DB22E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JYXV4A4KBXJCHFIACKWRQJXWDMPIBPW3/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2014-09-05T22:21:00", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: squid-3.3.13-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-05T22:21:00", "id": "FEDORA:0644E2213A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HUNK7GLQTCTB6XZK4V6YFG7S2HWBFRV5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2014-09-23T04:45:05", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: squid-3.4.7-1.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-23T04:45:05", "id": "FEDORA:A6B722376D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XJTWZPUYVRLLBI5DTTOHTOFCR6F7IQ4G/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2013-08-02T21:49:28", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: squid-3.2.13-1.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "modified": "2013-08-02T21:49:28", "id": "FEDORA:D898822AC0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/I2BKI53VEMSKVOOH2ABYBVIF3OV74MMC/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2014-10-14T04:46:09", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: squid-3.3.13-2.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609", "CVE-2014-6270"], "modified": "2014-10-14T04:46:09", "id": "FEDORA:0766960D3113", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/X243K42YOHGGQANDY6M7SDWCI4JGBZVM/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2014-04-15T15:38:43", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: squid-3.3.12-1.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123", "CVE-2014-0128"], "modified": "2014-04-15T15:38:43", "id": "FEDORA:2D85421A4C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JW7KEXNPS2OOO2K4FBKIW6ASHHMYMN6J/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2013-08-02T21:53:16", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: squid-3.2.13-1.fc18", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5643", "CVE-2013-1839", "CVE-2013-4115", "CVE-2013-4123"], "modified": "2013-08-02T21:53:16", "id": "FEDORA:62EE4224E6", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IY2QYHJ2I7PEESWJU4SZGONJWRCJZZKI/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2021-07-25T19:30:52", "description": "**Issue Overview:**\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115)\n\nSquid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. (CVE-2014-0128)\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 squid-3.1.10-29.17.amzn1.i686 \n \u00a0\u00a0\u00a0 squid-debuginfo-3.1.10-29.17.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 squid-3.1.10-29.17.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 squid-3.1.10-29.17.amzn1.x86_64 \n \u00a0\u00a0\u00a0 squid-debuginfo-3.1.10-29.17.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2014-10-22T20:04:00", "type": "amazon", "title": "Important: squid", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115", "CVE-2014-0128", "CVE-2014-3609"], "modified": "2014-10-22T13:20:00", "id": "ALAS-2014-433", "href": "https://alas.aws.amazon.com/ALAS-2014-433.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "checkpoint_advisories": [{"lastseen": "2022-08-02T07:33:07", "description": "A buffer overflow vulnerability exists in Squid proxy.", "cvss3": {}, "published": "2013-08-25T00:00:00", "type": "checkpoint_advisories", "title": "Preemptive Protection against Squid idnsALookup DNS Name Handling Buffer Overflow (CVE-2013-4115)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-4115"], "modified": "2013-01-01T00:00:00", "id": "CPAI-2013-2756", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-12-17T12:00:23", "description": "A denial of service vulnerability has been reported in Squid. The vulnerability is due to insufficient validation of range headers. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to an affected server. A successful attack will lead to a denial of service condition.", "cvss3": {}, "published": "2014-09-22T00:00:00", "type": "checkpoint_advisories", "title": "Squid Range Header Denial of Service (CVE-2014-3609)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-23T00:00:00", "id": "CPAI-2014-1840", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:24:22", "description": "Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2\nthrough 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a\ndenial of service (memory corruption and server termination) via a long\nname in a DNS lookup request.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=716743>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | this only affects 3.2+ although upstream has a patch for older versions, 3.1 and older perform URL validation before hitting the affected code, so they aren't vulnerable to the security issue. saucy has vulnerable version in -proposed\n", "cvss3": {}, "published": "2013-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2013-4115", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115"], "modified": "2013-08-09T00:00:00", "id": "UB:CVE-2013-4115", "href": "https://ubuntu.com/security/CVE-2013-4115", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:19:54", "description": "HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows\nremote attackers to cause a denial of service (crash) via a request with\ncrafted \"Range headers with unidentifiable byte-range values.\"", "cvss3": {}, "published": "2014-08-28T00:00:00", "type": "ubuntucve", "title": "CVE-2014-3609", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-08-28T00:00:00", "id": "UB:CVE-2014-3609", "href": "https://ubuntu.com/security/CVE-2014-3609", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-09T17:36:24", "description": "Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.", "cvss3": {}, "published": "2013-08-09T22:55:00", "type": "debiancve", "title": "CVE-2013-4115", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115"], "modified": "2013-08-09T22:55:00", "id": "DEBIANCVE:CVE-2013-4115", "href": "https://security-tracker.debian.org/tracker/CVE-2013-4115", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-09T17:36:24", "description": "HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted \"Range headers with unidentifiable byte-range values.\"", "cvss3": {}, "published": "2014-09-11T18:55:00", "type": "debiancve", "title": "CVE-2014-3609", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-11T18:55:00", "id": "DEBIANCVE:CVE-2014-3609", "href": "https://security-tracker.debian.org/tracker/CVE-2014-3609", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:52", "description": "Crash on invalid Host: header.", "edition": 1, "cvss3": {}, "published": "2013-07-29T00:00:00", "title": "squid DoS", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-4115"], "modified": "2013-07-29T00:00:00", "id": "SECURITYVULNS:VULN:13190", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13190", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:48", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2013:199\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : squid\r\n Date : July 25, 2013\r\n Affected: Business Server 1.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been discovered and corrected in squid:\r\n \r\n Due to incorrect data validation Squid is vulnerable to a buffer\r\n overflow attack when processing specially crafted HTTP requests. This\r\n problem allows any trusted client or client script who can generate\r\n HTTP requests to trigger a buffer overflow in Squid, resulting in a\r\n termination of the Squid service (CVE-2013-4115).\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115\r\n http://advisories.mageia.org/MGASA-2013-0227.html\r\n http://www.squid-cache.org/Advisories/SQUID-2013_2.txt\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n ffce88499a510acbcb177beac961e9b5 mes5/i586/squid-3.0-22.7mdvmes5.2.i586.rpm\r\n 7ef29bd52a77c505ec582ff43fd4880e mes5/i586/squid-cachemgr-3.0-22.7mdvmes5.2.i586.rpm \r\n d8de5bdfa7aaf524b2a94d8ce7c59629 mes5/SRPMS/squid-3.0-22.7mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 10ee4e981bf49d1767b56e15a0af9539 mes5/x86_64/squid-3.0-22.7mdvmes5.2.x86_64.rpm\r\n bf67fa8e85c5b57a7f1cb23c170d2833 mes5/x86_64/squid-cachemgr-3.0-22.7mdvmes5.2.x86_64.rpm \r\n d8de5bdfa7aaf524b2a94d8ce7c59629 mes5/SRPMS/squid-3.0-22.7mdvmes5.2.src.rpm\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 6ad99274db9760788fe533ed03672813 mbs1/x86_64/squid-3.1.19-5.3.mbs1.x86_64.rpm\r\n 7d66032f7c6d79a90ad2ab8ac787e79e mbs1/x86_64/squid-cachemgr-3.1.19-5.3.mbs1.x86_64.rpm \r\n 223b131a5049b8b4c5f1f6b0b1c23bf9 mbs1/SRPMS/squid-3.1.19-5.3.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFR8SC/mqjQ0CJFipgRAiaRAKCrvic5GEfc4/CKdLurJ4y37O6p6ACg6Zrd\r\n5atifJVNW28SfiaXIscr7q8=\r\n=Xl/9\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2013-07-29T00:00:00", "title": "[ MDVSA-2013:199 ] squid", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-4115"], "modified": "2013-07-29T00:00:00", "id": "SECURITYVULNS:DOC:29651", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29651", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:56", "description": "DoS via Range: request.", "edition": 1, "cvss3": {}, "published": "2014-09-02T00:00:00", "title": "squid DoS", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-02T00:00:00", "id": "SECURITYVULNS:VULN:13948", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13948", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:53", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3014-1 security@debian.org\r\nhttp://www.debian.org/security/ Salvatore Bonaccorso\r\nAugust 28, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : squid3\r\nCVE ID : CVE-2014-3609\r\nDebian Bug : 759509\r\n\r\nMatthew Daley discovered that Squid3, a fully featured web proxy cache,\r\ndid not properly perform input validation in request parsing. A remote\r\nattacker could use this flaw to mount a denial of service by sending\r\ncrafted Range requests.\r\n\r\nFor the stable distribution (wheezy), this problem has been fixed in\r\nversion 3.1.20-2.2+deb7u2.\r\n\r\nFor the unstable distribution (sid), this problem will be fixed soon.\r\n\r\nWe recommend that you upgrade your squid3 packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJT/0wVAAoJEAVMuPMTQ89EDHAP/3gCb0fqRCHT2TjAkO2N3Nr4\r\nr+FbG3RIGEhF4iCCeXbVkTMEegDoRctwIU0eVApqVN5sq3ienhk6/mHs7aF9YVHM\r\nTLNn1F7qBgbe8kt6QNVkl7BmkZHOTyr6tUyvLcDUL86P1dEITTbTfZtZ3tR3+ZQG\r\naKcaosFgctw2/Qkk06umgUP1UEJQ64qwnO6YGDgV+ufNZPs+179q1egki7NwTcmu\r\nHHDGAhdR+TabfYeXJON0phlVuJefpakZHQ9ijy8A1q4dYQmaufjHTdbD1H9XtVLe\r\nz2ukKTW0xqEeswx9tDlOl+lBtxYe7Hsj6m4UZUHvs5SWFHP15vN8Iu8/alag2pIn\r\nQM8/OI8lEQpT/x/sH49eC1OV+VybYiwvsfHno/sC66z/lJdvAqVjW/LdSzRggsbS\r\nMaGZlu2ojxbVZXktOarYC8/d/wRBamlskngKnLDzN1Q6pFEwKqqfIJDOceK+ErcQ\r\nkdylGgHtbQoTgp/cdGJ9tnxg5q0AGPe6ZIM4sTeha4hgyz5Zee23TVcnU/z5WVuR\r\nS9ggqRTXIqyWm2LyDJTBdiGUBmwyWaioIQX7WjIt8ZkKwI2gR//dkwijRvOCjCrk\r\nHLJvu49QaO4PMmDQh82etQ3HjrJBdsGuHEQk0wfwjlMM2jFVvcsEroAidsDnVWp9\r\nsISN74vSxWmaDEQ3CPiQ\r\n=S8Ft\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-09-02T00:00:00", "title": "[SECURITY] [DSA 3014-1] squid3 security update", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-02T00:00:00", "id": "SECURITYVULNS:DOC:31068", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31068", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid service (CVE-2013-4115). \n", "cvss3": {}, "published": "2013-07-21T20:16:43", "type": "mageia", "title": "Updated squid packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115"], "modified": "2013-07-21T20:16:43", "id": "MGASA-2013-0227", "href": "https://advisories.mageia.org/MGASA-2013-0227.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Updated squid packages fix security vulnerability: Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service (CVE-2014-3609). \n", "cvss3": {}, "published": "2014-09-05T09:07:37", "type": "mageia", "title": "Updated squid packages fix CVE-2014-3609\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-05T09:07:37", "id": "MGASA-2014-0369", "href": "https://advisories.mageia.org/MGASA-2014-0369.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid service (CVE-2013-4115). Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted HTTP requests. This problem allows any client who can generate HTTP requests to perform a denial of service attack on the Squid service (CVE-2013-4123). Also, due to being renamed in Squid 3.2, the Squid external acl helpers for matching against IP addresses and LDAP groups were not selected to be built in the squid package for Mageia 3. This has been corrected and these helpers are now included. Additionally, the helpers for eDirectory IP address lookups and matching LDAP groups using Kerberos credentials have also been included. \n", "cvss3": {}, "published": "2013-07-21T20:18:36", "type": "mageia", "title": "Updated squid packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "modified": "2013-07-21T20:18:36", "id": "MGASA-2013-0228", "href": "https://advisories.mageia.org/MGASA-2013-0228.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T13:24:08", "description": "Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.", "cvss3": {}, "published": "2013-08-09T22:55:00", "type": "cve", "title": "CVE-2013-4115", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4115"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:squid-cache:squid:3.3.6", "cpe:/o:opensuse:opensuse:12.3", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/o:opensuse:opensuse:12.2", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/o:opensuse:opensuse:11.4", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.3.1"], "id": "CVE-2013-4115", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4115", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:57:42", "description": "HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted \"Range headers with unidentifiable byte-range values.\"", "cvss3": {}, "published": "2014-09-11T18:55:00", "type": "cve", "title": "CVE-2014-3609", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2017-01-07T03:00:00", "cpe": ["cpe:/a:squid-cache:squid:3.1.6", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.1.1", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.1.3", "cpe:/a:squid-cache:squid:3.1.0.18", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.4.5", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.1.0.5", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.1.0.14", "cpe:/a:squid-cache:squid:3.1.5.1", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.1.0.16", "cpe:/a:squid-cache:squid:3.1.13", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.1.0.12", "cpe:/a:squid-cache:squid:3.1.5", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.4.4", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.1.8", "cpe:/a:squid-cache:squid:3.1.0.1", "cpe:/a:squid-cache:squid:3.1.0.13", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.1.0.10", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:3.1.4", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.1.0.17", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.1.0.3", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.1.0.8", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.1.0.2", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.1.0.15", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.1.7", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.1.2", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.1.9", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.1.0.11", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.1", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.1.0.9", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.1.0.4", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.1.0.6", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.1.0.7", "cpe:/a:squid-cache:squid:3.2.0.16"], "id": "CVE-2014-3609", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3609", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*"]}], "osv": [{"lastseen": "2022-07-21T08:27:40", "description": "\nMatthew Daley discovered that squid, a web proxy cache, does not\nproperly perform input validation when parsing requests. A remote\nattacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.\n\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 2.7.STABLE9-4.1+deb7u1.\n\n\nWe recommend that you upgrade your squid packages.\n\n\n", "cvss3": {}, "published": "2015-01-25T00:00:00", "type": "osv", "title": "squid - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2022-07-21T05:48:32", "id": "OSV:DSA-3139-1", "href": "https://osv.dev/vulnerability/DSA-3139-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-21T08:13:44", "description": "\n[CVE-2014-3609](https://security-tracker.debian.org/tracker/CVE-2014-3609): Denial of Service in Range header processing.\n\n\nIgnore Range headers with unidentifiable byte-range values. If squid is\nunable to determine the byte value for ranges, treat the header as\ninvalid.\n\n\nFor Debian 6 Squeeze, these issues have been fixed in squid3 version 3.1.6-1.2+squeeze4\n\n\n", "cvss3": {}, "published": "2014-09-04T00:00:00", "type": "osv", "title": "squid3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2022-07-21T05:54:25", "id": "OSV:DLA-45-1", "href": "https://osv.dev/vulnerability/DLA-45-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-05T05:19:06", "description": "\n* [CVE-2014-3609](https://security-tracker.debian.org/tracker/CVE-2014-3609)\nDenial of Service in Range header processing.\n\n\nIgnore Range headers with unidentifiable byte-range values. If squid is\nunable to determine the byte value for ranges, treat the header as\ninvalid.\n\n\n", "cvss3": {}, "published": "2015-05-01T00:00:00", "type": "osv", "title": "squid - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2022-08-05T05:18:44", "id": "OSV:DLA-216-1", "href": "https://osv.dev/vulnerability/DLA-216-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:09:19", "description": "\nMatthew Daley discovered that Squid3, a fully featured web proxy cache,\ndid not properly perform input validation in request parsing. A remote\nattacker could use this flaw to mount a denial of service by sending\ncrafted Range requests.\n\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.1.20-2.2+deb7u2.\n\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\n\nWe recommend that you upgrade your squid3 packages.\n\n\n", "cvss3": {}, "published": "2014-08-28T00:00:00", "type": "osv", "title": "squid3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2022-08-10T07:09:15", "id": "OSV:DSA-3014-1", "href": "https://osv.dev/vulnerability/DSA-3014-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2021-10-23T22:39:33", "description": "Package : squid3\nVersion : 3.1.6-1.2+squeeze4\nCVE ID : CVE-2014-3609\n\nCVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid is\nunable to determine the byte value for ranges, treat the header as\ninvalid.\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part.\n", "cvss3": {}, "published": "2014-09-04T18:46:15", "type": "debian", "title": "[SECURITY] [DLA 45-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-04T18:46:15", "id": "DEBIAN:DLA-45-1:B7B7E", "href": "https://lists.debian.org/debian-lts-announce/2014/09/msg00002.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T23:04:23", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3014-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nAugust 28, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid3\nCVE ID : CVE-2014-3609\nDebian Bug : 759509\n\nMatthew Daley discovered that Squid3, a fully featured web proxy cache,\ndid not properly perform input validation in request parsing. A remote\nattacker could use this flaw to mount a denial of service by sending\ncrafted Range requests.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.1.20-2.2+deb7u2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-08-28T15:36:10", "type": "debian", "title": "[SECURITY] [DSA 3014-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-08-28T15:36:10", "id": "DEBIAN:DSA-3014-1:C61DA", "href": "https://lists.debian.org/debian-security-announce/2014/msg00199.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T22:58:45", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3139-1 security@debian.org\nhttp://www.debian.org/security/ Sebastien Delafond\nJanuary 25, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid\nCVE ID : CVE-2014-3609\nDebian Bug : 776194\n\nMatthew Daley discovered that squid, a web proxy cache, does not\nproperly perform input validation when parsing requests. A remote\nattacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 2.7.STABLE9-4.1+deb7u1.\n\nWe recommend that you upgrade your squid packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-01-25T16:37:50", "type": "debian", "title": "[SECURITY] [DSA 3139-1] squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2015-01-25T16:37:50", "id": "DEBIAN:DSA-3139-1:2B6AE", "href": "https://lists.debian.org/debian-security-announce/2015/msg00022.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-11T00:55:29", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3014-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nAugust 28, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid3\nCVE ID : CVE-2014-3609\nDebian Bug : 759509\n\nMatthew Daley discovered that Squid3, a fully featured web proxy cache,\ndid not properly perform input validation in request parsing. A remote\nattacker could use this flaw to mount a denial of service by sending\ncrafted Range requests.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.1.20-2.2+deb7u2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-08-28T15:36:10", "type": "debian", "title": "[SECURITY] [DSA 3014-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-08-28T15:36:10", "id": "DEBIAN:DSA-3014-1:2BB46", "href": "https://lists.debian.org/debian-security-announce/2014/msg00199.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-23T04:47:02", "description": "Package : squid\nVersion : 2.7.STABLE9-2.1+deb6u1\nCVE ID : CVE-2014-3609\n\nCVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid is\nunable to determine the byte value for ranges, treat the header as\ninvalid.\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {}, "published": "2015-04-30T22:31:16", "type": "debian", "title": "[SECURITY] [DLA 216-1] squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2015-04-30T22:31:16", "id": "DEBIAN:DLA-216-1:70870", "href": "https://lists.debian.org/debian-lts-announce/2015/04/msg00030.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-17T06:40:38", "description": "Package : squid3\nVersion : 3.1.6-1.2+squeeze4\nCVE ID : CVE-2014-3609\n\nCVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid is\nunable to determine the byte value for ranges, treat the header as\ninvalid.\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part.\n", "cvss3": {}, "published": "2014-09-04T18:46:15", "type": "debian", "title": "[SECURITY] [DLA 45-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-04T18:46:15", "id": "DEBIAN:DLA-45-1:42C71", "href": "https://lists.debian.org/debian-lts-announce/2014/09/msg00002.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-04T00:24:29", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3139-1 security@debian.org\nhttp://www.debian.org/security/ Sebastien Delafond\nJanuary 25, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid\nCVE ID : CVE-2014-3609\nDebian Bug : 776194\n\nMatthew Daley discovered that squid, a web proxy cache, does not\nproperly perform input validation when parsing requests. A remote\nattacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 2.7.STABLE9-4.1+deb7u1.\n\nWe recommend that you upgrade your squid packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-01-25T16:37:50", "type": "debian", "title": "[SECURITY] [DSA 3139-1] squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2015-01-25T16:37:50", "id": "DEBIAN:DSA-3139-1:F9DCD", "href": "https://lists.debian.org/debian-security-announce/2015/msg00022.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:30:16", "description": "Squid3 was updated to fix a denial of service in Range Header processing,\n which would have allowed proxy users to crash the squid proxy process.\n (CVE-2014-3609)\n\n Security Issues:\n\n * CVE-2014-3609\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609</a>>\n\n", "cvss3": {}, "published": "2014-09-18T00:05:25", "type": "suse", "title": "Security update for squid3 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-3609"], "modified": "2014-09-18T00:05:25", "id": "SUSE-SU-2014:1140-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00025.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:13:39", "description": "This update for squid3 fixes the following issues:\n\n - Multiple issues in pinger ICMP processing. (CVE-2014-7141,\n CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.\n (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing\n (bsc#979010)\n\n - Fix multiple Denial of Service issues in HTTP Response processing.\n (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,\n bsc#968393, bsc#968394, bsc#968395)\n - Regression caused by the DoS fixes above (bsc#993299)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing\n (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:\n * fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\n", "cvss3": {}, "published": "2016-08-16T18:08:55", "type": "suse", "title": "Security update for squid3 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-7141", "CVE-2015-5400", "CVE-2014-6270", "CVE-2012-5643", "CVE-2016-4051", "CVE-2014-0128", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2013-4115", "CVE-2016-3947", "CVE-2016-2569", "CVE-2013-0188", "CVE-2011-3205", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2011-4096", "CVE-2016-4054", "CVE-2016-2390", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572", "CVE-2014-7142"], "modified": "2016-08-16T18:08:55", "id": "SUSE-SU-2016:2089-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:09:51", "description": "This update for squid3 fixes the following issues:\n\n - Multiple issues in pinger ICMP processing. (CVE-2014-7141,\n CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.\n (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing\n (bsc#979010)\n\n - fix multiple Denial of Service issues in HTTP Response processing.\n (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,\n bsc#968393, bsc#968394, bsc#968395)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing\n (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:\n * fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\n", "cvss3": {}, "published": "2016-08-09T17:12:26", "type": "suse", "title": "Security update for squid3 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-7141", "CVE-2015-5400", "CVE-2014-6270", "CVE-2012-5643", "CVE-2016-4051", "CVE-2014-0128", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2013-4115", "CVE-2016-3947", "CVE-2016-2569", "CVE-2013-0188", "CVE-2011-3205", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2011-4096", "CVE-2016-4054", "CVE-2016-2390", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572", "CVE-2014-7142"], "modified": "2016-08-09T17:12:26", "id": "SUSE-SU-2016:1996-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2022-01-04T12:49:14", "description": "Matthew Daley discovered that Squid 3 did not properly perform input \nvalidation in request parsing. A remote attacker could send crafted Range \nrequests to cause a denial of service.\n", "cvss3": {}, "published": "2014-08-28T00:00:00", "type": "ubuntu", "title": "Squid 3 vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3609"], "modified": "2014-08-28T00:00:00", "id": "USN-2327-1", "href": "https://ubuntu.com/security/notices/USN-2327-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:10:34", "description": "### Background\n\nSquid is a full-featured web proxy cache.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to bypass ACL restrictions or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Squid users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-proxy/squid-3.2.13\"", "cvss3": {}, "published": "2013-09-27T00:00:00", "type": "gentoo", "title": "Squid: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0801", "CVE-2011-4096", "CVE-2012-5643", "CVE-2013-0189", "CVE-2013-1839", "CVE-2013-4115", "CVE-2013-4123"], "modified": "2013-09-27T00:00:00", "id": "GLSA-201309-22", "href": "https://security.gentoo.org/glsa/201309-22", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}

Important: squid

Description

Affected Package

Related