Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2023-2354
HistoryNov 29, 2023 - 10:19 p.m.

Important: squid

2023-11-2922:19:00
alas.aws.amazon.com
12
squid
proxy
web
vulnerability
dos
ssl
certificate
validation
gopher
protocol

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.7%

JSON

Issue Overview:

Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid’s patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages. (CVE-2023-46724)

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid’s Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests. (CVE-2023-46728)

Affected Packages:

squid

Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update squid to update your system.

New Packages:

aarch64:  
    squid-3.5.20-17.amzn2.7.14.aarch64  
    squid-sysvinit-3.5.20-17.amzn2.7.14.aarch64  
    squid-migration-script-3.5.20-17.amzn2.7.14.aarch64  
    squid-debuginfo-3.5.20-17.amzn2.7.14.aarch64  
  
i686:  
    squid-3.5.20-17.amzn2.7.14.i686  
    squid-sysvinit-3.5.20-17.amzn2.7.14.i686  
    squid-migration-script-3.5.20-17.amzn2.7.14.i686  
    squid-debuginfo-3.5.20-17.amzn2.7.14.i686  
  
src:  
    squid-3.5.20-17.amzn2.7.14.src  
  
x86_64:  
    squid-3.5.20-17.amzn2.7.14.x86_64  
    squid-sysvinit-3.5.20-17.amzn2.7.14.x86_64  
    squid-migration-script-3.5.20-17.amzn2.7.14.x86_64  
    squid-debuginfo-3.5.20-17.amzn2.7.14.x86_64

Additional References

Red Hat: CVE-2023-46724, CVE-2023-46728

Mitre: CVE-2023-46724, CVE-2023-46728

OSVersionArchitecturePackageVersionFilename
Amazon Linux2aarch64squid< 3.5.20-17.amzn2.7.14squid-3.5.20-17.amzn2.7.14.aarch64.rpm
Amazon Linux2aarch64squid-sysvinit< 3.5.20-17.amzn2.7.14squid-sysvinit-3.5.20-17.amzn2.7.14.aarch64.rpm
Amazon Linux2aarch64squid-migration-script< 3.5.20-17.amzn2.7.14squid-migration-script-3.5.20-17.amzn2.7.14.aarch64.rpm
Amazon Linux2aarch64squid-debuginfo< 3.5.20-17.amzn2.7.14squid-debuginfo-3.5.20-17.amzn2.7.14.aarch64.rpm
Amazon Linux2i686squid< 3.5.20-17.amzn2.7.14squid-3.5.20-17.amzn2.7.14.i686.rpm
Amazon Linux2i686squid-sysvinit< 3.5.20-17.amzn2.7.14squid-sysvinit-3.5.20-17.amzn2.7.14.i686.rpm
Amazon Linux2i686squid-migration-script< 3.5.20-17.amzn2.7.14squid-migration-script-3.5.20-17.amzn2.7.14.i686.rpm
Amazon Linux2i686squid-debuginfo< 3.5.20-17.amzn2.7.14squid-debuginfo-3.5.20-17.amzn2.7.14.i686.rpm
Amazon Linux2x86_64squid< 3.5.20-17.amzn2.7.14squid-3.5.20-17.amzn2.7.14.x86_64.rpm
Amazon Linux2x86_64squid-sysvinit< 3.5.20-17.amzn2.7.14squid-sysvinit-3.5.20-17.amzn2.7.14.x86_64.rpm
Rows per page:
1-10 of 121

Related

nessus 32
rocky 1
osv 8
almalinux 2
oraclelinux 3
redhat 9
openvas 15
cve 2
amazon 2
alpinelinux 2
cvelist 2
prion 2
nvd 2
debiancve 2
redhatcve 2
cloudlinux 3
ubuntucve 2
veracode 2
ubuntu 2
fedora 2
photon 5
debian 2
mageia 1
nessus
nessus
Amazon Linux 2 : squid (ALAS-2023-2354)
2023-12-04 00:00:00
CentOS 8 : squid:4 (CESA-2024:0046)
2024-01-09 00:00:00
Amazon Linux 2023 : squid (ALAS2023-2023-429)
2023-11-15 00:00:00
rocky
rocky
squid:4 security update
2024-01-09 04:07:10
osv
osv
Important: squid:4 security update
2024-01-03 00:00:00
Important: squid:4 security update
2024-01-09 04:07:10
Important: squid security update
2024-01-08 00:00:00
almalinux
almalinux
Important: squid security update
2024-01-08 00:00:00
Important: squid:4 security update
2024-01-03 00:00:00
oraclelinux
oraclelinux
squid:4 security update
2024-01-04 00:00:00
squid security update
2024-01-10 00:00:00
squid security update
2024-04-11 00:00:00
redhat
redhat
(RHSA-2024:0046) Important: squid:4 security update
2024-01-03 20:53:49
(RHSA-2024:0071) Important: squid security update
2024-01-08 07:56:43
(RHSA-2024:0072) Important: squid security update
2024-01-08 07:56:48
openvas
openvas
openSUSE: Security Advisory for squid (SUSE-SU-2023:4544-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:4589-1)
2023-11-28 00:00:00
Squid DoS Vulnerability (GHSA-cg5h-v6vc-w33f, SQUID-2021:8)
2023-09-29 00:00:00
cve
cve
CVE-2023-46724
2023-11-01 20:15:08
CVE-2023-46728
2023-11-06 18:15:08
amazon
amazon
Important: squid
2023-11-10 17:32:00
Important: squid
2023-11-10 17:32:00
alpinelinux
alpinelinux
CVE-2023-46724
2023-11-01 20:15:08
CVE-2023-46728
2023-11-06 18:15:08
cvelist
cvelist
CVE-2023-46724 SQUID-2023:4 Denial of Service in SSL Certificate validation
2023-11-01 19:09:34
CVE-2023-46728 SQUID-2021:8 Denial of Service in Gopher gateway
2023-11-06 17:13:45
prion
prion
Null pointer dereference
2023-11-06 18:15:00
Input validation
2023-11-01 20:15:00
nvd
nvd
CVE-2023-46724
2023-11-01 20:15:08
CVE-2023-46728
2023-11-06 18:15:08
debiancve
debiancve
CVE-2023-46728
2023-11-06 18:15:08
CVE-2023-46724
2023-11-01 20:15:08
redhatcve
redhatcve
CVE-2023-46724
2023-11-02 03:57:23
CVE-2023-46728
2023-11-07 14:37:53
cloudlinux
cloudlinux
squid34: Fix of CVE-2023-46724
2023-11-29 19:29:11
squid34: Fix of CVE-2023-46728
2023-12-13 19:41:17
squid: Fix of CVE-2023-46728
2023-12-13 19:38:56
ubuntucve
ubuntucve
CVE-2023-46728
2023-11-06 00:00:00
CVE-2023-46724
2023-11-01 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-11-10 05:38:32
Denial Of Service
2023-11-02 07:16:45
ubuntu
ubuntu
Squid vulnerabilities
2023-11-21 00:00:00
Squid vulnerabilities
2023-12-11 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: squid-6.6-1.fc38
2023-12-29 01:05:39
[SECURITY] Fedora 39 Update: squid-6.6-1.fc39
2023-12-29 01:14:29
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0689
2023-11-21 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0697
2023-12-06 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0154
2023-11-24 00:00:00
debian
debian
[SECURITY] [DSA 5637-1] squid security update
2024-03-08 14:36:16
[SECURITY] [DLA 3709-1] squid security update
2024-01-09 00:08:19
mageia
mageia
Updated squid packages fix security vulnerabilities
2024-03-31 06:27:58

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.7%

JSON
Related for ALAS-2023-2354
nessus32rocky1osv8almalinux2oraclelinux3redhat9openvas15cve2amazon2alpinelinux2cvelist2prion2nvd2debiancve2redhatcve2cloudlinux3ubuntucve2veracode2ubuntu2fedora2photon5debian2mageia1