Lucene search

Internet Bug Bounty: Cache Poisoning

🗓️ 19 Mar 2020 16:08:44Reported by jeriko_oneType

An attacker can cause Squid to return attacker controlled data for any domain by exploiting CVE-2019-12524 and CVE-2019-12520 through cache poisoning. HTTPS aspect was fixed in 4.10 but FTP poisoning remained possible. Steps to reproduce FTP and HTTPS cache poisoning provided

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 67
UbuntuCve	CVE-2019-12524	15 Apr 202000:00	–	ubuntucve
UbuntuCve	CVE-2019-12520	15 Apr 202000:00	–	ubuntucve
OpenVAS	Squid 3.5.18 - 3.5.28 / 4.0.10 - 4.7 Multiple Vulnerabilities (SQUID-2019:4)	24 Apr 202000:00	–	openvas
OpenVAS	Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1884)	31 Aug 202000:00	–	openvas
OpenVAS	Ubuntu: Security Advisory (USN-4446-1)	4 Aug 202000:00	–	openvas
OpenVAS	Ubuntu: Security Advisory (USN-4446-2)	2 Sep 202000:00	–	openvas
OpenVAS	SUSE: Security Advisory (SUSE-SU-2020:1227-1)	19 Apr 202100:00	–	openvas
OpenVAS	Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-2399)	4 Nov 202000:00	–	openvas
OpenVAS	Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2022-1766)	25 May 202200:00	–	openvas
OpenVAS	Debian: Security Advisory (DSA-4682-1)	10 May 202000:00	–	openvas

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Mar 2020 16:44Current

8.6High risk

Vulners AI Score8.6

EPSS0.04146