Lucene search

K
mageia
Gentoo FoundationMGASA-2014-0369
HistorySep 05, 2014 - 1:07 p.m.

Updated squid packages fix CVE-2014-3609

2014-09-0513:07:37
Gentoo Foundation
advisories.mageia.org
9

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.965 High

EPSS

Percentile

99.6%

Updated squid packages fix security vulnerability: Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service (CVE-2014-3609).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchsquid< 3.2.10-1.7squid-3.2.10-1.7.mga3
Mageia4noarchsquid< 3.3.13-1squid-3.3.13-1.mga4
How to protect your server from attacks?

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.965 High

EPSS

Percentile

99.6%

Related for MGASA-2014-0369