Lucene search

K
mageiaGentoo FoundationMGASA-2014-0168
HistoryApr 09, 2014 - 9:36 a.m.

Updated squid packages fix CVE-2014-0128

2014-04-0909:36:34
Gentoo Foundation
advisories.mageia.org
18

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.156 Low

EPSS

Percentile

96.0%

Updated squid packages fix security vulnerability: Due to incorrect state management, Squid before 3.3.12 is vulnerable to a denial of service attack when processing certain HTTPS requests if the SSL-Bump feature is enabled (CVE-2014-0128).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchsquid< 3.3.12-1squid-3.3.12-1.mga4

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.156 Low

EPSS

Percentile

96.0%