CVE-2014-3609

{"id": "CVE-2014-3609", "bulletinFamily": "NVD", "title": "CVE-2014-3609", "description": "HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted \"Range headers with unidentifiable byte-range values.\"", "published": "2014-09-11T14:55:05", "modified": "2017-01-06T22:00:06", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3609", "reporter": "NVD", "references": ["http://secunia.com/advisories/61320", "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00025.html", "http://www.debian.org/security/2015/dsa-3139", "http://www.debian.org/security/2014/dsa-3014", "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "http://www.squid-cache.org/Advisories/SQUID-2014_2.txt", "http://www.securityfocus.com/bid/69453", "http://secunia.com/advisories/61412", "http://rhn.redhat.com/errata/RHSA-2014-1147.html", "http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9201.patch", "http://lists.opensuse.org/opensuse-updates/2014-09/msg00029.html", "http://www.ubuntu.com/usn/USN-2327-1"], "cvelist": ["CVE-2014-3609"], "type": "cve", "lastseen": "2017-04-18T15:54:56", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.1.0.18", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.1.13", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.1.5", "cpe:/a:squid-cache:squid:3.1.0.12", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.1.9", "cpe:/a:squid-cache:squid:3.1.0.9", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.1.2", "cpe:/a:squid-cache:squid:3.1.0.4", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.1.0.16", "cpe:/a:squid-cache:squid:3.1.0.8", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.1.0.10", "cpe:/a:squid-cache:squid:3.1.3", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.1.0.3", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.1.0.11", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:3.1.0.15", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.1.4", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.1.0.6", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.1.0.14", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.1.0.13", "cpe:/a:squid-cache:squid:3.1.6", "cpe:/a:squid-cache:squid:3.1.0.1", "cpe:/a:squid-cache:squid:3.1.0.2", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.1.0.7", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.1", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.1.1", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.1.0.5", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.1.7", "cpe:/a:squid-cache:squid:3.1.8", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.1.5.1", "cpe:/a:squid-cache:squid:3.1.0.17", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.4.5", "cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.4.4"], "cvelist": ["CVE-2014-3609"], "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted \"Range headers with unidentifiable byte-range values.\"", "edition": 1, "hash": "362eda4381201e314b95a82dd7da60f55e1189a73da42f78839e98221eaed7c4", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "cda1a361791ab45ba820ca01f11f44a2", "key": "cvelist"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "2f2bb974ad7de255e75c7775b64dbe19", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "b2b3b82239985bc33fb9472aa3186f92", "key": "references"}, {"hash": "039f1b04a0cb8f21b83391546f6e2a07", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d189ce81756ba9330dc059876d3a3904", "key": "description"}, {"hash": "4c31573dc2f68ec4a9a5ff39b6903fb8", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "94452722200b10aa9c17ccf5d1ad6312", "key": "title"}, {"hash": "0f3c1430ede789088ff0a25ecfa010fb", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3609", "id": "CVE-2014-3609", "lastseen": "2016-09-03T20:28:51", "modified": "2015-03-11T21:59:24", "objectVersion": "1.2", "published": "2014-09-11T14:55:05", "references": ["http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00025.html", "http://www.debian.org/security/2015/dsa-3139", "http://www.debian.org/security/2014/dsa-3014", "http://www.squid-cache.org/Advisories/SQUID-2014_2.txt", "http://rhn.redhat.com/errata/RHSA-2014-1147.html", "http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9201.patch", "http://lists.opensuse.org/opensuse-updates/2014-09/msg00029.html", "http://www.ubuntu.com/usn/USN-2327-1"], "reporter": "NVD", "scanner": [], "title": "CVE-2014-3609", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T20:28:51"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "2f2bb974ad7de255e75c7775b64dbe19"}, {"key": "cvelist", "hash": "cda1a361791ab45ba820ca01f11f44a2"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "d189ce81756ba9330dc059876d3a3904"}, {"key": "href", "hash": "0f3c1430ede789088ff0a25ecfa010fb"}, {"key": "modified", "hash": "5e383c75c3a48ef58f0b0f49b28fce8d"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "039f1b04a0cb8f21b83391546f6e2a07"}, {"key": "references", "hash": "54930736f32d9403f9cd092429aef221"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "94452722200b10aa9c17ccf5d1ad6312"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "b6c3667828e59b32798e65bf6328711f310537950aad160bd86ca0979543089f", "viewCount": 0, "objectVersion": "1.2", "cpe": ["cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.1.0.18", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.1.13", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.1.5", "cpe:/a:squid-cache:squid:3.1.0.12", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.1.9", "cpe:/a:squid-cache:squid:3.1.0.9", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.1.2", "cpe:/a:squid-cache:squid:3.1.0.4", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.1.0.16", "cpe:/a:squid-cache:squid:3.1.0.8", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.1.0.10", "cpe:/a:squid-cache:squid:3.1.3", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.1.0.3", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.1.0.11", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:3.1.0.15", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.1.4", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.1.0.6", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.1.0.14", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.1.0.13", "cpe:/a:squid-cache:squid:3.1.6", "cpe:/a:squid-cache:squid:3.1.0.1", "cpe:/a:squid-cache:squid:3.1.0.2", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.1.0.7", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.1", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.1.1", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.1.0.5", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.1.7", "cpe:/a:squid-cache:squid:3.1.8", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.1.5.1", "cpe:/a:squid-cache:squid:3.1.0.17", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.4.5", "cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.4.4"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": [], "enchantments": {"vulnersScore": 1.2}}

{"result": {"ubuntu": [{"id": "USN-2327-1", "type": "ubuntu", "title": "Squid 3 vulnerability", "description": "Matthew Daley discovered that Squid 3 did not properly perform input \nvalidation in request parsing. A remote attacker could send crafted Range \nrequests to cause a denial of service.", "published": "2014-08-27T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.ubuntu.com/usn/usn-2327-1", "cvelist": ["CVE-2014-3609"], "lastseen": "2017-05-01T08:28:40"}], "debian": [{"id": "DSA-3139", "type": "debian", "title": "squid -- security update", "description": "Matthew Daley discovered that squid, a web proxy cache, does not properly perform input validation when parsing requests. A remote attacker could use this flaw to mount a denial of service attack, by sending specially crafted Range requests.\n\nFor the stable distribution (wheezy), this problem has been fixed in version 2.7.STABLE9-4.1+deb7u1.\n\nWe recommend that you upgrade your squid packages.", "published": "2015-01-25T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3139", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-02T18:28:47"}, {"id": "DLA-216", "type": "debian", "title": "squid -- LTS security update", "description": "* [CVE-2014-3609](<https://security-tracker.debian.org/tracker/CVE-2014-3609>): \n\nDenial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid.", "published": "2015-05-01T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/2015/dla-216", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-02T12:57:17"}, {"id": "DSA-3014", "type": "debian", "title": "squid3 -- security update", "description": "Matthew Daley discovered that Squid3, a fully featured web proxy cache, did not properly perform input validation in request parsing. A remote attacker could use this flaw to mount a denial of service by sending crafted Range requests.\n\nFor the stable distribution (wheezy), this problem has been fixed in version 3.1.20-2.2+deb7u2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your squid3 packages.", "published": "2014-08-28T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3014", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-02T18:33:14"}], "centos": [{"id": "CESA-2014:1147", "type": "centos", "title": "squid security update", "description": "**CentOS Errata and Security Advisory** CESA-2014:1147\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/020531.html\n\n**Affected packages:**\nsquid\nsquid-sysvinit\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1147.html", "published": "2014-09-03T23:09:15", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2014-September/020531.html", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-12-05T19:57:58"}, {"id": "CESA-2014:1148", "type": "centos", "title": "squid security update", "description": "**CentOS Errata and Security Advisory** CESA-2014:1148\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/020534.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/020537.html\n\n**Affected packages:**\nsquid\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1148.html", "published": "2014-09-03T23:16:08", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2014-September/020534.html", "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "lastseen": "2016-12-05T20:02:34"}], "nessus": [{"id": "DEBIAN_DSA-3139.NASL", "type": "nessus", "title": "Debian DSA-3139-1 : squid - security update", "description": "Matthew Daley discovered that squid, a web proxy cache, does not properly perform input validation when parsing requests. A remote attacker could use this flaw to mount a denial of service attack, by sending specially crafted Range requests.", "published": "2015-01-27T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81006", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:23:40"}, {"id": "FEDORA_2014-9882.NASL", "type": "nessus", "title": "Fedora 21 : squid-3.4.7-1.fc21 (2014-9882)", "description": "Security fix for CVE-2014-3609\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-09-23T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77799", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:25:38"}, {"id": "SUSE_11_SQUID3-140912.NASL", "type": "nessus", "title": "SuSE 11.3 Security Update : squid3 (SAT Patch Number 9729)", "description": "Squid3 was updated to fix a denial of service in Range Header processing, which would have allowed proxy users to crash the squid proxy process. (CVE-2014-3609)", "published": "2014-09-18T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77743", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:24:09"}, {"id": "ORACLELINUX_ELSA-2014-1147.NASL", "type": "nessus", "title": "Oracle Linux 7 : squid (ELSA-2014-1147)", "description": "From Red Hat Security Advisory 2014:1147 :\n\nUpdated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue. Upstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.", "published": "2014-09-04T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77516", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:25:37"}, {"id": "OPENSUSE-2014-548.NASL", "type": "nessus", "title": "openSUSE Security Update : squid (openSUSE-SU-2014:1144-1)", "description": "This update fixes the following security issues and bugs with squid :\n\nA denial of Service in Range header processing was fixed that could be used by proxy users to crash squid. (CVE-2014-3609)\n\nAlso the following bugs were fixed :\n\n - bnc#894840: removed unnecessary 'sharedscripts' in squid's logrotate snippet\n\n - bnc#894636: fixes run of init script when logrotate is called", "published": "2014-09-22T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77777", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:23:42"}, {"id": "DEBIAN_DLA-45.NASL", "type": "nessus", "title": "Debian DLA-45-1 : squid3 security update", "description": "CVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-03-26T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82192", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:25:22"}, {"id": "FEDORA_2014-9948.NASL", "type": "nessus", "title": "Fedora 20 : squid-3.3.13-1.fc20 (2014-9948)", "description": "Security fix for CVE-2014-3609\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-09-08T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77559", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:23:40"}, {"id": "SQUID_3_4_7.NASL", "type": "nessus", "title": "Squid 3.x < 3.3.13 / 3.4.7 Request Processing DoS", "description": "According to its banner, the version of Squid running on the remote host is 3.x prior to 3.3.13 or 3.4.7. It is, therefore, affected by a denial of service vulnerability.\n\nThe flaw exists due to user-supplied input not being properly validated in request parsing. This allows a remote attacker to specially craft a request with Range headers with unidentifiable byte-range values to crash the application.\n\nNote that Nessus has relied only on the version in the proxy server's banner. The patch released to address the issue does not update the version in the banner. If the patch has been applied properly, and the service has been restarted, consider this to be a false positive.", "published": "2014-09-30T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77985", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:25:49"}, {"id": "DEBIAN_DLA-216.NASL", "type": "nessus", "title": "Debian DLA-216-1 : squid security update", "description": "CVE-2014-3609: Denial of Service in Range header processing.\n\nIgnore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-01T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83168", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:26:20"}, {"id": "UBUNTU_USN-2327-1.NASL", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS : squid3 vulnerability (USN-2327-1)", "description": "Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-08-28T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77420", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T17:25:59"}], "openvas": [{"id": "OPENVAS:882006", "type": "openvas", "title": "CentOS Update for squid CESA-2014:1147 centos7 ", "description": "Check for the Version of squid", "published": "2014-09-10T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=882006", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T20:42:11"}, {"id": "OPENVAS:850753", "type": "openvas", "title": "SuSE Update for squid3 SUSE-SU-2014:1140-1 (squid3)", "description": "Check the version of squid3", "published": "2015-10-13T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=850753", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T20:39:38"}, {"id": "OPENVAS:703014", "type": "openvas", "title": "Debian Security Advisory DSA 3014-1 (squid3 - security update)", "description": "Matthew Daley discovered that Squid3, a fully featured web proxy cache,\ndid not properly perform input validation in request parsing. A remote\nattacker could use this flaw to mount a denial of service by sending\ncrafted Range requests.", "published": "2014-08-28T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703014", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T20:42:03"}, {"id": "OPENVAS:806106", "type": "openvas", "title": "Squid HTTP Range Request Handling Denial of Service Vulnerability", "description": "This host is running Squid and is prone\n to denial of service vulnerability.", "published": "2015-09-08T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=806106", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T20:39:45"}, {"id": "OPENVAS:841945", "type": "openvas", "title": "Ubuntu Update for squid3 USN-2327-1", "description": "Check for the Version of squid3", "published": "2014-08-29T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841945", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T20:42:13"}, {"id": "OPENVAS:871235", "type": "openvas", "title": "RedHat Update for squid RHSA-2014:1147-01", "description": "Check for the Version of squid", "published": "2014-09-04T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=871235", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T20:42:12"}, {"id": "OPENVAS:868166", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-9948", "description": "Check for the Version of squid", "published": "2014-09-06T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=868166", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T20:42:12"}, {"id": "OPENVAS:123323", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-1147", "description": "Oracle Linux Local Security Checks ELSA-2014-1147", "published": "2015-10-06T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=123323", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-11-16T16:43:41"}, {"id": "OPENVAS:703139", "type": "openvas", "title": "Debian Security Advisory DSA 3139-1 (squid - security update)", "description": "Matthew Daley discovered that squid,\na web proxy cache, does not properly perform input validation when parsing requests.\nA remote attacker could use this flaw to mount a denial of service attack, by\nsending specially crafted Range requests.", "published": "2015-01-25T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703139", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-26T20:39:44"}, {"id": "OPENVAS:881996", "type": "openvas", "title": "CentOS Update for squid CESA-2014:1148 centos6 ", "description": "Check for the Version of squid", "published": "2014-09-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881996", "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "lastseen": "2016-09-26T20:42:10"}], "suse": [{"id": "SUSE-SU-2014:1140-1", "type": "suse", "title": "Security update for squid3 (important)", "description": "Squid3 was updated to fix a denial of service in Range Header processing,\n which would have allowed proxy users to crash the squid proxy process.\n (CVE-2014-3609)\n\n Security Issues:\n\n * CVE-2014-3609\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609</a>>\n\n", "published": "2014-09-18T00:05:25", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00025.html", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-04T12:30:16"}], "redhat": [{"id": "RHSA-2014:1147", "type": "redhat", "title": "(RHSA-2014:1147) Important: squid security update", "description": "Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Matthew Daley as the original reporter.\n\nAll Squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the squid service will be restarted automatically.\n", "published": "2014-09-03T04:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2014:1147", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-11-25T14:52:25"}, {"id": "RHSA-2014:1148", "type": "redhat", "title": "(RHSA-2014:1148) Important: squid security update", "description": "Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\n", "published": "2014-09-03T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2014:1148", "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "lastseen": "2017-03-06T09:19:25"}], "oraclelinux": [{"id": "ELSA-2014-1147", "type": "oraclelinux", "title": "squid security update", "description": "[7:3.3.8-12]\n- Resolves: #1134933 - CVE-2014-3609 assertion failure in header processing", "published": "2014-09-03T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2014-1147.html", "cvelist": ["CVE-2014-3609"], "lastseen": "2016-09-04T11:16:42"}, {"id": "ELSA-2014-1148", "type": "oraclelinux", "title": "squid security update", "description": "[7:3.1.10-22]\n- Resolves: #1134936 - CVE-2013-4115 buffer overflow when processing overly long DNS names\n[7:3.1.10-21]\n- Resolves: #1134936 - CVE-2014-3609 assertion failure in header processing", "published": "2014-09-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2014-1148.html", "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "lastseen": "2016-09-04T11:16:40"}], "amazon": [{"id": "ALAS-2014-411", "type": "amazon", "title": "Important: squid", "description": "**Issue Overview:**\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2014-3609 __](<https://access.redhat.com/security/cve/CVE-2014-3609>))\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2013-4115 __](<https://access.redhat.com/security/cve/CVE-2013-4115>))\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n squid-debuginfo-3.1.10-22.16.amzn1.i686 \n squid-3.1.10-22.16.amzn1.i686 \n \n src: \n squid-3.1.10-22.16.amzn1.src \n \n x86_64: \n squid-3.1.10-22.16.amzn1.x86_64 \n squid-debuginfo-3.1.10-22.16.amzn1.x86_64 \n \n \n", "published": "2014-09-17T21:47:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2014-411.html", "cvelist": ["CVE-2013-4115", "CVE-2014-3609"], "lastseen": "2016-09-28T21:04:04"}, {"id": "ALAS-2014-433", "type": "amazon", "title": "Important: squid", "description": "**Issue Overview:**\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2014-3609 __](<https://access.redhat.com/security/cve/CVE-2014-3609>))\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2013-4115 __](<https://access.redhat.com/security/cve/CVE-2013-4115>))\n\nSquid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. ([CVE-2014-0128 __](<https://access.redhat.com/security/cve/CVE-2014-0128>))\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n squid-3.1.10-29.17.amzn1.i686 \n squid-debuginfo-3.1.10-29.17.amzn1.i686 \n \n src: \n squid-3.1.10-29.17.amzn1.src \n \n x86_64: \n squid-3.1.10-29.17.amzn1.x86_64 \n squid-debuginfo-3.1.10-29.17.amzn1.x86_64 \n \n \n", "published": "2014-10-22T20:04:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2014-433.html", "cvelist": ["CVE-2014-0128", "CVE-2013-4115", "CVE-2014-3609"], "lastseen": "2016-09-28T21:04:10"}]}}