Lucene search
Gentoo FoundationMGASA-2015-0347HistorySep 08, 2015 - 8:55 p.m.
Updated squid packages fix CVE-2015-5400
2015-09-0820:55:59
Gentoo Foundation
advisories.mageia.org
8
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.8%
Updated squid packages fix security vulnerability: Alex Rousskov discovered that Squid configured with cache_peer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. In some configurations, it allows remote clients to bypass security in an explicit gateway proxy (CVE-2015-5400).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | squid | < 3.4.13-1.1 | squid-3.4.13-1.1.mga5 |
Related
prion
prion
Cross site request forgery (csrf)
2015-09-28 20:59:00
debian
debian
[SECURITY] [DSA 3327-1] squid3 security update
2015-08-03 20:33:08
[SECURITY] [DLA 286-1] squid3 security update
2015-07-30 08:53:00
[SECURITY] [DSA 3327-1] squid3 security update
2015-08-03 20:33:08
osv
osv
squid3 - security update
2015-08-03 00:00:00
squid3 - security update
2015-07-30 00:00:00
ubuntucve
ubuntucve
CVE-2015-5400
2015-09-28 00:00:00
cve
cve
CVE-2015-5400
2015-09-28 20:59:00
nessus
nessus
Debian DSA-3327-1 : squid3 - security update
2015-08-04 00:00:00
FreeBSD : squid -- Improper Protection of Alternate Path with CONNECT requests (150d1538-23fa-11e5-a4a5-002590263bf5)
2015-07-07 00:00:00
Squid 3.x < 3.5.6 Multiple Vulnerabilities
2015-10-13 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3327-1] squid3 security update
2015-08-10 00:00:00
squid restrictions bypass
2015-08-10 00:00:00
freebsd
freebsd
squid -- Improper Protection of Alternate Path with CONNECT requests
2015-07-06 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-286-1)
2023-03-08 00:00:00
Squid 'cache_peer' Security Bypass Vulnerability (SQUID-2015:2)
2015-10-28 00:00:00
Debian: Security Advisory (DSA-3327-1)
2015-08-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package squid version 3.5.10-alt1
2015-10-20 00:00:00
debiancve
debiancve
CVE-2015-5400
2015-09-28 20:59:00
fedora
fedora
[SECURITY] Fedora 22 Update: libecap-1.0.0-1.fc22
2016-05-06 19:58:05
[SECURITY] Fedora 22 Update: squid-3.5.10-1.fc22
2016-05-06 19:58:05
suse
suse
Security update for squid3 (important)
2016-08-09 17:12:26
Security update for squid3 (important)
2016-08-16 18:08:55
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.8%
Related for MGASA-2015-0347