Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2011:1791
HistoryDec 22, 2011 - 3:56 p.m.

squid security update

2011-12-2215:56:24
CentOS Project
lists.centos.org
44

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.935 High

EPSS

Percentile

99.1%

JSON

CentOS Errata and Security Advisory CESA-2011:1791

Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects.

An input validation flaw was found in the way Squid calculated the total
number of resource records in the answer section of multiple name server
responses. An attacker could use this flaw to cause Squid to crash.
(CVE-2011-4096)

Users of squid should upgrade to this updated package, which contains a
backported patch to correct this issue. After installing this update, the
squid service will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-December/080516.html

Affected packages:
squid

Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1791

OSVersionArchitecturePackageVersionFilename
CentOS6i686squid< 3.1.10-1.el6_2.1squid-3.1.10-1.el6_2.1.i686.rpm
CentOS6x86_64squid< 3.1.10-1.el6_2.1squid-3.1.10-1.el6_2.1.x86_64.rpm

Related

nessus 14
redhat 1
debian 1
checkpoint_advisories 1
debiancve 1
openvas 17
oraclelinux 1
fedora 2
cve 1
veracode 1
ubuntucve 1
securityvulns 2
osv 1
prion 1
gentoo 1
suse 2
nessus
nessus
Scientific Linux Security Update : squid on SL6.x i386/x86_64
2012-08-01 00:00:00
openSUSE Security Update : squid3 (openSUSE-SU-2012:0213-1)
2014-06-13 00:00:00
Squid 3.1.x < 3.1.16 / 3.2.x < 3.2.0.13 DNS Replies CName Record Parsing Remote DoS
2011-12-14 00:00:00
redhat
redhat
(RHSA-2011:1791) Moderate: squid security update
2011-12-06 00:00:00
debian
debian
[SECURITY] [DSA 2381-1] squid3 security update
2012-01-06 14:28:52
checkpoint_advisories
checkpoint_advisories
Squid DNS Replies Invalid Free Code Execution (CVE-2011-4096)
2012-01-12 00:00:00
debiancve
debiancve
CVE-2011-4096
2011-11-17 19:55:00
openvas
openvas
Fedora Update for squid FEDORA-2011-15256
2011-11-18 00:00:00
CentOS Update for squid CESA-2011:1791 centos6
2012-07-30 00:00:00
RedHat Update for squid RHSA-2011:1791-01
2012-07-09 00:00:00
oraclelinux
oraclelinux
squid security update
2011-12-14 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: squid-3.1.16-1.fc14
2011-11-17 23:32:07
[SECURITY] Fedora 15 Update: squid-3.1.16-1.fc15
2011-11-17 23:38:53
cve
cve
CVE-2011-4096
2011-11-17 19:55:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:05:55
ubuntucve
ubuntucve
CVE-2011-4096
2011-11-17 00:00:00
securityvulns
securityvulns
[ MDVSA-2011:193 ] squid
2012-01-02 00:00:00
squid proxy server buffer overflow
2012-01-02 00:00:00
osv
osv
squid3 - invalid memory deallocation
2012-01-06 00:00:00
prion
prion
Memory corruption
2011-11-17 19:55:00
gentoo
gentoo
Squid: Multiple vulnerabilities
2013-09-27 00:00:00
suse
suse
Security update for squid3 (important)
2016-08-09 17:12:26
Security update for squid3 (important)
2016-08-16 18:08:55

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.935 High

EPSS

Percentile

99.1%

JSON
Related for CESA-2011:1791
nessus14redhat1debian1checkpoint_advisories1debiancve1openvas17oraclelinux1fedora2cve1veracode1ubuntucve1securityvulns2osv1prion1gentoo1suse2