{"cve": [{"lastseen": "2020-10-03T12:49:51", "description": "Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.", "edition": 4, "cvss3": {}, "published": "2015-05-18T15:59:00", "title": "CVE-2015-3455", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3455"], "modified": "2019-12-27T16:08:00", "cpe": ["cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.4.8", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.5.0.1", "cpe:/a:squid-cache:squid:3.4.11", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.4.10", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.3.0.1", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.5.0.3", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.3.13", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/o:oracle:solaris:11.2", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.4.12", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.4.6", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.3.12", "cpe:/a:squid-cache:squid:3.5.2", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.5.0.4", "cpe:/a:squid-cache:squid:3.2.13", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.5.1", "cpe:/o:oracle:linux:7", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/o:fedoraproject:fedora:22", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.4.9", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.4.7", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.5.0.2", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.4.5", "cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.4.4"], "id": "CVE-2015-3455", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3455", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "cvelist": ["CVE-2015-3455"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:230\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : squid\r\n Date : May 6, 2015\r\n Affected: Business Server 2.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated squid packages fix security vulnerability:\r\n \r\n Squid configured with client-first SSL-bump does not correctly validate\r\n X509 server certificate domain / hostname fields (CVE-2015-3455).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3455\r\n http://advisories.mageia.org/MGASA-2015-0191.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 2/X86_64:\r\n 1b42519307a1a9656d770c16a52cc255 mbs2/x86_64/squid-3.3.14-1.mbs2.x86_64.rpm\r\n e265cc1b9286427d303db2d7ce8a9e5d mbs2/x86_64/squid-cachemgr-3.3.14-1.mbs2.x86_64.rpm \r\n 2218b2d6b499bbf470798805c774a5ea mbs2/SRPMS/squid-3.3.14-1.mbs2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFVSfQ6mqjQ0CJFipgRAnnaAJoCpgp0yT4RqQhTyCsfUCj9HflFVACeNtuz\r\nhsuApo5rskLRKadA81hW0E8=\r\n=oIlM\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2015-05-11T00:00:00", "published": "2015-05-11T00:00:00", "id": "SECURITYVULNS:DOC:32016", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32016", "title": "[ MDVSA-2015:230 ] squid", "type": "securityvulns", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:00", "bulletinFamily": "software", "cvelist": ["CVE-2015-3455"], "description": "Insufficient check for server certificate.", "edition": 1, "modified": "2015-05-11T00:00:00", "published": "2015-05-11T00:00:00", "id": "SECURITYVULNS:VULN:14454", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14454", "title": "squid insufficient certificate validation", "type": "securityvulns", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2019-05-29T18:36:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "description": "Oracle Linux Local Security Checks ELSA-2015-2378", "modified": "2018-09-28T00:00:00", "published": "2015-11-24T00:00:00", "id": "OPENVAS:1361412562310122756", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122756", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-2378", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-2378.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122756\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-11-24 10:17:29 +0200 (Tue, 24 Nov 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-2378\");\n script_tag(name:\"insight\", value:\"ELSA-2015-2378 - squid security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-2378\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-2378.html\");\n script_cve_id(\"CVE-2015-3455\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.8~26.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"squid-sysvinit\", rpm:\"squid-sysvinit~3.3.8~26.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-11-20T00:00:00", "id": "OPENVAS:1361412562310871483", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871483", "type": "openvas", "title": "RedHat Update for squid RHSA-2015:2378-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squid RHSA-2015:2378-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871483\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-20 06:19:59 +0100 (Fri, 20 Nov 2015)\");\n script_cve_id(\"CVE-2015-3455\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for squid RHSA-2015:2378-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching\nserver for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs:\n\n * Previously, the squid process did not handle file descriptors correctly\nwhen receiving Simple Network Management Protocol (SNMP) requests. As a\nconsequence, the process gradually accumulated open file descriptors. This\nbug has been fixed and squid now handles SNMP requests correctly, closing\nfile descriptors when necessary. (BZ#1198778)\n\n * Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update provides\nbetter memory handling during reboot, thus fixing this bug. (BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which fix\nthese bugs. After installing this update, the squid service will be\nrestarted automatically.\");\n script_tag(name:\"affected\", value:\"squid on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2378-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00043.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.8~26.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.3.8~26.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "description": "This host is running Squid and is prone\n to certificate validation bypass vulnerability.", "modified": "2019-05-20T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310806104", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806104", "type": "openvas", "title": "Squid SSL-Bump Certificate Validation Bypass Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid SSL-Bump Certificate Validation Bypass Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:squid-cache:squid\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806104\");\n script_version(\"2019-05-20T11:12:48+0000\");\n script_cve_id(\"CVE-2015-3455\");\n script_bugtraq_id(74438);\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 11:12:48 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 14:34:34 +0530 (Tue, 08 Sep 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Squid SSL-Bump Certificate Validation Bypass Vulnerability\");\n\n script_tag(name:\"summary\", value:\"This host is running Squid and is prone\n to certificate validation bypass vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The client-first SSL-bump feature does not\n properly validate X.509 server certificate domain and hostname fields. A remote\n server can create a specially crafted certificate to bypass client certificate\n validation.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass client certificate validation.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.2 -> 3.2.13\n Squid 3.3 -> 3.3.13\n Squid 3.4 -> 3.4.12\n Squid 3.5 -> 3.5.3\");\n\n script_tag(name:\"solution\", value:\"Apply the patch or upgrade to version\n Squid 3.5.4, 3.4.13, 3.3.14, 3.2.14 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1032221\");\n script_xref(name:\"URL\", value:\"http://advisories.mageia.org/MGASA-2015-0191.html\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2015_1.txt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_squid_detect.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\");\n script_require_ports(\"Services/www\", 3128, 8080);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!squidPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!squidVer = get_app_version(cpe:CPE, port:squidPort)){\n exit(0);\n}\n\nif(squidVer !~ \"^3\\.[2-5]\"){\n exit(99);\n}\n\nif(version_in_range(version:squidVer, test_version:\"3.2\", test_version2:\"3.2.13\"))\n{\n VULN =TRUE;\n Fix = \"3.2.14\";\n}\n\nelse if(version_in_range(version:squidVer, test_version:\"3.3\", test_version2:\"3.3.13\"))\n{\n VULN =TRUE;\n Fix = \"3.3.14\";\n}\n\n\nelse if(version_in_range(version:squidVer, test_version:\"3.4\", test_version2:\"3.4.12\"))\n{\n VULN =TRUE;\n Fix = \"3.4.13\";\n}\n\nelse if(version_in_range(version:squidVer, test_version:\"3.5\", test_version2:\"3.5.3\"))\n{\n VULN =TRUE;\n Fix = \"3.5.4\";\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + squidVer + '\\n' +\n 'Fixed version: ' + Fix + '\\n';\n\n security_message(data:report, port:squidPort);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5400", "CVE-2015-3455", "CVE-2016-2571", "CVE-2016-2572"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-05-07T00:00:00", "id": "OPENVAS:1361412562310807976", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807976", "type": "openvas", "title": "Fedora Update for libecap FEDORA-2016-7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libecap FEDORA-2016-7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807976\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-07 05:18:25 +0200 (Sat, 07 May 2016)\");\n script_cve_id(\"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2015-3455\", \"CVE-2015-5400\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libecap FEDORA-2016-7\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libecap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libecap on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183598.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"libecap\", rpm:\"libecap~1.0.0~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5400", "CVE-2015-3455", "CVE-2016-2571", "CVE-2016-2572"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-05-07T00:00:00", "id": "OPENVAS:1361412562310807978", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807978", "type": "openvas", "title": "Fedora Update for squid FEDORA-2016-7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2016-7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807978\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-07 05:18:30 +0200 (Sat, 07 May 2016)\");\n script_cve_id(\"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2015-3455\", \"CVE-2015-5400\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for squid FEDORA-2016-7\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183597.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.10~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:29:12", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3455"], "description": "**CentOS Errata and Security Advisory** CESA-2015:2378\n\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs:\n\n* Previously, the squid process did not handle file descriptors correctly\nwhen receiving Simple Network Management Protocol (SNMP) requests. As a\nconsequence, the process gradually accumulated open file descriptors. This\nbug has been fixed and squid now handles SNMP requests correctly, closing\nfile descriptors when necessary. (BZ#1198778)\n\n* Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update provides\nbetter memory handling during reboot, thus fixing this bug. (BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which fix\nthese bugs. After installing this update, the squid service will be\nrestarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-November/008824.html\n\n**Affected packages:**\nsquid\nsquid-sysvinit\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2378.html", "edition": 3, "modified": "2015-11-30T19:52:33", "published": "2015-11-30T19:52:33", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-November/008824.html", "id": "CESA-2015:2378", "title": "squid security update", "type": "centos", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3455"], "description": "[7:3.3.8-26]\n- Related: #1186768 - removing patch, because of missing tests and\n incorrent patch\n[7:3.3.8-25]\n- Related: #1102842 - squid rpm package misses /var/run/squid needed for\n smp mode. Squid needs write access to /var/run/squid.\n[7:3.3.8-24]\n- Related: #1102842 - squid rpm package misses /var/run/squid needed for\n smp mode. Creation of /var/run/squid was also needed to be in SPEC file.\n[7:3.3.8-23]\n- Related: #1102842 - squid rpm package misses /var/run/squid needed for\n smp mode. Creation of this directory was moved to tmpfiles.d conf file.\n[7:3.3.8-22]\n- Related: #1102842 - squid rpm package misses /var/run/squid needed for\n smp mode. Creation of this directory was moved to service file.\n[7:3.3.8-21]\n- Resolves: #1263338 - squid with digest auth on big endian systems\n start looping\n[7:3.3.8-20]\n- Resolves: #1186768 - security issue: Nonce replay vulnerability\n in Digest authentication\n[7:3.3.8-19]\n- Resolves: #1225640 - squid crashes by segfault when it reboots\n[7:3.3.8-18]\n- Resolves: #1102842 - squid rpm package misses /var/run/squid needed for\n smp mode\n[7:3.3.8-17]\n- Resolves: #1233265 - CVE-2015-3455 squid: incorrect X509 server\n certificate validation\n[7:3.3.8-16]\n- Resolves: #1080042 - Supply a firewalld service file with squid\n[7:3.3.8-15]\n- Resolves: #1161600 - Squid does not serve cached responses\n with Vary headers\n[7:3.3.8-14]\n- Resolves: #1198778 - Filedescriptor leaks on snmp\n[7:3.3.8-13]\n- Resolves: #1204375 - squid sends incorrect ssl chain breaking newer gnutls\n using applications", "edition": 4, "modified": "2015-11-23T00:00:00", "published": "2015-11-23T00:00:00", "id": "ELSA-2015-2378", "href": "http://linux.oracle.com/errata/ELSA-2015-2378.html", "title": "squid security and bug fix update", "type": "oraclelinux", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:47", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3455"], "description": "The flaw allows remote servers to bypass client certificate validation.\nSome attackers may also be able to use valid certificates for one domain\nsigned by a global Certificate Authority to abuse an unrelated domain.\nHowever, the bug is exploitable only if you have configured Squid to\nperform SSL Bumping with the "client-first" or "bump" mode of operation.\nSites that do not use SSL-Bump are not vulnerable.", "modified": "2015-05-01T00:00:00", "published": "2015-05-01T00:00:00", "id": "ASA-201505-1", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html", "type": "archlinux", "title": "squid: weak certificate validation", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:11", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3455"], "description": "\nSquid security advisory 2015:1 reports:\n\nSquid configured with client-first SSL-bump does not correctly\n\t validate X509 server certificate domain / hostname fields.\nThe bug is important because it allows remote servers to bypass\n\t client certificate validation. Some attackers may also be able\n\t to use valid certificates for one domain signed by a global\n\t Certificate Authority to abuse an unrelated domain.\nHowever, the bug is exploitable only if you have configured\n\t Squid to perform SSL Bumping with the \"client-first\" or \"bump\"\n\t mode of operation.\nSites that do not use SSL-Bump are not vulnerable.\nAll Squid built without SSL support are not vulnerable to the\n\t problem.\n\nThe FreeBSD port does not use SSL by default and is not vulnerable\n\t in the default configuration.\n", "edition": 4, "modified": "2015-05-01T00:00:00", "published": "2015-05-01T00:00:00", "id": "B6DA24DA-23F7-11E5-A4A5-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/b6da24da-23f7-11e5-a4a5-002590263bf5.html", "title": "squid -- client-first SSL-bump does not correctly validate X509 server certificate", "type": "freebsd", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}], "redhat": [{"lastseen": "2019-08-13T18:45:33", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3455"], "description": "Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs:\n\n* Previously, the squid process did not handle file descriptors correctly\nwhen receiving Simple Network Management Protocol (SNMP) requests. As a\nconsequence, the process gradually accumulated open file descriptors. This\nbug has been fixed and squid now handles SNMP requests correctly, closing\nfile descriptors when necessary. (BZ#1198778)\n\n* Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update provides\nbetter memory handling during reboot, thus fixing this bug. (BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which fix\nthese bugs. After installing this update, the squid service will be\nrestarted automatically.", "modified": "2018-04-12T03:33:20", "published": "2015-11-19T18:41:16", "id": "RHSA-2015:2378", "href": "https://access.redhat.com/errata/RHSA-2015:2378", "type": "redhat", "title": "(RHSA-2015:2378) Moderate: squid security and bug fix update", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-01T05:05:56", "description": "Updated squid packages that fix one security issue and two bugs are\nnow available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs :\n\n* Previously, the squid process did not handle file descriptors\ncorrectly when receiving Simple Network Management Protocol (SNMP)\nrequests. As a consequence, the process gradually accumulated open\nfile descriptors. This bug has been fixed and squid now handles SNMP\nrequests correctly, closing file descriptors when necessary.\n(BZ#1198778)\n\n* Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update\nprovides better memory handling during reboot, thus fixing this bug.\n(BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which\nfix these bugs. After installing this update, the squid service will\nbe restarted automatically.", "edition": 27, "published": "2015-11-20T00:00:00", "title": "RHEL 7 : squid (RHSA-2015:2378)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid", "p-cpe:/a:redhat:enterprise_linux:squid-sysvinit", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.7", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.2", "p-cpe:/a:redhat:enterprise_linux:squid-debuginfo", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2015-2378.NASL", "href": "https://www.tenable.com/plugins/nessus/86986", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2378. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86986);\n script_version(\"2.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-3455\");\n script_xref(name:\"RHSA\", value:\"2015:2378\");\n\n script_name(english:\"RHEL 7 : squid (RHSA-2015:2378)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages that fix one security issue and two bugs are\nnow available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs :\n\n* Previously, the squid process did not handle file descriptors\ncorrectly when receiving Simple Network Management Protocol (SNMP)\nrequests. As a consequence, the process gradually accumulated open\nfile descriptors. This bug has been fixed and squid now handles SNMP\nrequests correctly, closing file descriptors when necessary.\n(BZ#1198778)\n\n* Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update\nprovides better memory handling during reboot, thus fixing this bug.\n(BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which\nfix these bugs. After installing this update, the squid service will\nbe restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3455\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected squid, squid-debuginfo and / or squid-sysvinit\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2378\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-3.3.8-26.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-3.3.8-26.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-debuginfo-3.3.8-26.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.3.8-26.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-sysvinit-3.3.8-26.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.3.8-26.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-sysvinit\");\n }\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-01T05:49:57", "description": "According to its banner, the version of Squid running on the remote\nhost is 3.2 prior to 3.2.14 / 3.3.14 / 3.4.13 / 3.5.4. It is,\ntherefore, potentially affected by a flaw related to certificate\nvalidation due to the server hostname not being verified as matching a\nthe domain name in the certificate Subject's Common Name (CN) or the\nSubjectAltName fields. A man-in-the-middle attacker, using a crafted\ncertificate, can utilize this to spoof a TLS/SSL server, thus allowing\nthe disclosure or manipulation of intercepted data. Note that this\nflaw is exploitable only if Squid is configured to perform SSL Bumping\nwith the 'client-first' or 'bump' mode of operation.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number. The patch\nreleased to address the issue does not update the version in the\nbanner. If the patch has been applied properly, and the service has\nbeen restarted, consider this to be a false positive.", "edition": 25, "published": "2015-05-19T00:00:00", "title": "Squid 3.2 < 3.5.4 Incorrect X509 Server Certificate Validation Vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:squid-cache:squid"], "id": "SQUID_3_5_4.NASL", "href": "https://www.tenable.com/plugins/nessus/83529", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83529);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\"CVE-2015-3455\");\n script_bugtraq_id(74438);\n\n script_name(english:\"Squid 3.2 < 3.5.4 Incorrect X509 Server Certificate Validation Vulnerability\");\n script_summary(english:\"Checks the version of Squid.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server may be affected by a certificate validation\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.2 prior to 3.2.14 / 3.3.14 / 3.4.13 / 3.5.4. It is,\ntherefore, potentially affected by a flaw related to certificate\nvalidation due to the server hostname not being verified as matching a\nthe domain name in the certificate Subject's Common Name (CN) or the\nSubjectAltName fields. A man-in-the-middle attacker, using a crafted\ncertificate, can utilize this to spoof a TLS/SSL server, thus allowing\nthe disclosure or manipulation of intercepted data. Note that this\nflaw is exploitable only if Squid is configured to perform SSL Bumping\nwith the 'client-first' or 'bump' mode of operation.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number. The patch\nreleased to address the issue does not update the version in the\nbanner. If the patch has been applied properly, and the service has\nbeen restarted, consider this to be a false positive.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2015_1.txt\");\n # http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID_3_5_4.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8ef2aa9b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Squid versions 3.2.14 / 3.3.14 / 3.4.13 / 3.5.4, or apply\nthe vendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3455\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/19\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"www/squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Build a list of ports from the\nlist = get_kb_list(\"http_proxy/*/squid/version\");\nif (isnull(list)) audit(AUDIT_NOT_INST, \"Squid\");\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvulnerable = FALSE;\nnot_vuln_list = make_list();\n\nforeach item (keys(list))\n{\n port = ereg_replace(pattern:'^http_proxy/([0-9]+)/squid/version', replace:'\\\\1', string:item);\n version = list[item];\n\n # regexp checked using kb file\n if (\n # version 3.2\n version =~ \"^3\\.2([^\\.0-9]|$)\" ||\n # version 3.2.1-13\n version =~ \"^3\\.2\\.([0-9]|1[0-3])([^0-9]|$)\" ||\n # version 3.3\n version =~ \"^3\\.3([^\\.0-9]|$)\" ||\n # version 3.3.1-13\n version =~ \"^3\\.3\\.([0-9]|1[0-3])([^0-9]|$)\" ||\n # version 3.4\n version =~ \"^3\\.4([^\\.0-9]|$)\" ||\n # version 3.4.1-12\n version =~ \"^3\\.4\\.([0-9]|1[0-2])([^0-9]|$)\" ||\n # version 3.5\n version =~ \"^3\\.5([^\\.0-9]|$)\" ||\n # version 3.5.1-3\n version =~ \"^3\\.5\\.([0-3])([^0-9]|$)\" \n )\n {\n vulnerable = TRUE;\n if (report_verbosity > 0)\n {\n source = get_kb_item('http_proxy/'+port+'/squid/source');\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed versions : 3.5.4, 3.4.13, 3.3.14, and 3.2.14' +\n '\\n';\n security_note(port:port, extra:report);\n }\n else security_note(port);\n }\n else not_vuln_list = make_list(not_vuln_list, version + \" on port \" + port);\n}\n\nif (vulnerable) exit(0);\nelse\n{\n installs = max_index(not_vuln_list);\n if (installs == 0) audit(AUDIT_NOT_INST, \"Squid\");\n else if (installs == 1)\n audit(AUDIT_INST_VER_NOT_VULN, \"Squid\", not_vuln_list[0]);\n else\n exit(0, \"The Squid installs (\"+ join(not_vuln_list, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-06T09:30:25", "description": "Updated squid packages that fix one security issue and two bugs are\nnow available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs :\n\n* Previously, the squid process did not handle file descriptors\ncorrectly when receiving Simple Network Management Protocol (SNMP)\nrequests. As a consequence, the process gradually accumulated open\nfile descriptors. This bug has been fixed and squid now handles SNMP\nrequests correctly, closing file descriptors when necessary.\n(BZ#1198778)\n\n* Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update\nprovides better memory handling during reboot, thus fixing this bug.\n(BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which\nfix these bugs. After installing this update, the squid service will\nbe restarted automatically.", "edition": 27, "published": "2015-12-02T00:00:00", "title": "CentOS 7 : squid (CESA-2015:2378)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "modified": "2015-12-02T00:00:00", "cpe": ["cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:squid", "p-cpe:/a:centos:centos:squid-sysvinit"], "id": "CENTOS_RHSA-2015-2378.NASL", "href": "https://www.tenable.com/plugins/nessus/87154", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2378 and \n# CentOS Errata and Security Advisory 2015:2378 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87154);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-3455\");\n script_xref(name:\"RHSA\", value:\"2015:2378\");\n\n script_name(english:\"CentOS 7 : squid (CESA-2015:2378)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages that fix one security issue and two bugs are\nnow available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs :\n\n* Previously, the squid process did not handle file descriptors\ncorrectly when receiving Simple Network Management Protocol (SNMP)\nrequests. As a consequence, the process gradually accumulated open\nfile descriptors. This bug has been fixed and squid now handles SNMP\nrequests correctly, closing file descriptors when necessary.\n(BZ#1198778)\n\n* Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update\nprovides better memory handling during reboot, thus fixing this bug.\n(BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which\nfix these bugs. After installing this update, the squid service will\nbe restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2015-November/002624.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c9cc8d0b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3455\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-3.3.8-26.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.3.8-26.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-sysvinit\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-07T10:49:19", "description": "Squid security advisory 2015:1 reports :\n\nSquid configured with client-first SSL-bump does not correctly\nvalidate X509 server certificate domain / hostname fields.\n\nThe bug is important because it allows remote servers to bypass client\ncertificate validation. Some attackers may also be able to use valid\ncertificates for one domain signed by a global Certificate Authority\nto abuse an unrelated domain.\n\nHowever, the bug is exploitable only if you have configured Squid to\nperform SSL Bumping with the 'client-first' or 'bump' mode of\noperation.\n\nSites that do not use SSL-Bump are not vulnerable.\n\nAll Squid built without SSL support are not vulnerable to the problem.\n\nThe FreeBSD port does not use SSL by default and is not vulnerable in\nthe default configuration.", "edition": 22, "published": "2015-07-07T00:00:00", "title": "FreeBSD : squid -- client-first SSL-bump does not correctly validate X509 server certificate (b6da24da-23f7-11e5-a4a5-002590263bf5)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "modified": "2015-07-07T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:squid", "p-cpe:/a:freebsd:freebsd:squid32", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:squid33"], "id": "FREEBSD_PKG_B6DA24DA23F711E5A4A5002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/84555", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84555);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-3455\");\n\n script_name(english:\"FreeBSD : squid -- client-first SSL-bump does not correctly validate X509 server certificate (b6da24da-23f7-11e5-a4a5-002590263bf5)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squid security advisory 2015:1 reports :\n\nSquid configured with client-first SSL-bump does not correctly\nvalidate X509 server certificate domain / hostname fields.\n\nThe bug is important because it allows remote servers to bypass client\ncertificate validation. Some attackers may also be able to use valid\ncertificates for one domain signed by a global Certificate Authority\nto abuse an unrelated domain.\n\nHowever, the bug is exploitable only if you have configured Squid to\nperform SSL Bumping with the 'client-first' or 'bump' mode of\noperation.\n\nSites that do not use SSL-Bump are not vulnerable.\n\nAll Squid built without SSL support are not vulnerable to the problem.\n\nThe FreeBSD port does not use SSL by default and is not vulnerable in\nthe default configuration.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2015_1.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/b6da24da-23f7-11e5-a4a5-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bd26f4c0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid33\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"squid>=3.5<3.5.4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"squid>=3.4<3.4.13\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"squid33>=3.3<3.3.14\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"squid32>=3.2<3.2.14\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T12:50:16", "description": "From Red Hat Security Advisory 2015:2378 :\n\nUpdated squid packages that fix one security issue and two bugs are\nnow available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs :\n\n* Previously, the squid process did not handle file descriptors\ncorrectly when receiving Simple Network Management Protocol (SNMP)\nrequests. As a consequence, the process gradually accumulated open\nfile descriptors. This bug has been fixed and squid now handles SNMP\nrequests correctly, closing file descriptors when necessary.\n(BZ#1198778)\n\n* Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update\nprovides better memory handling during reboot, thus fixing this bug.\n(BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which\nfix these bugs. After installing this update, the squid service will\nbe restarted automatically.", "edition": 24, "published": "2015-11-24T00:00:00", "title": "Oracle Linux 7 : squid (ELSA-2015-2378)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "modified": "2015-11-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squid-sysvinit", "p-cpe:/a:oracle:linux:squid", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-2378.NASL", "href": "https://www.tenable.com/plugins/nessus/87037", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2378 and \n# Oracle Linux Security Advisory ELSA-2015-2378 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87037);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3455\");\n script_xref(name:\"RHSA\", value:\"2015:2378\");\n\n script_name(english:\"Oracle Linux 7 : squid (ELSA-2015-2378)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2378 :\n\nUpdated squid packages that fix one security issue and two bugs are\nnow available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nIt was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in-the-middle attacker could use this flaw to spoof a Squid server\nusing a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs :\n\n* Previously, the squid process did not handle file descriptors\ncorrectly when receiving Simple Network Management Protocol (SNMP)\nrequests. As a consequence, the process gradually accumulated open\nfile descriptors. This bug has been fixed and squid now handles SNMP\nrequests correctly, closing file descriptors when necessary.\n(BZ#1198778)\n\n* Under high system load, the squid process sometimes terminated\nunexpectedly with a segmentation fault during reboot. This update\nprovides better memory handling during reboot, thus fixing this bug.\n(BZ#1225640)\n\nUsers of squid are advised to upgrade to these updated packages, which\nfix these bugs. After installing this update, the squid service will\nbe restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005571.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-3.3.8-26.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.3.8-26.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-sysvinit\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T11:51:50", "description": "Updated squid packages fix security vulnerability :\n\nSquid configured with client-first SSL-bump does not correctly\nvalidate X509 server certificate domain / hostname fields\n(CVE-2015-3455).", "edition": 24, "published": "2015-05-07T00:00:00", "title": "Mandriva Linux Security Advisory : squid (MDVSA-2015:230)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "modified": "2015-05-07T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:2", "p-cpe:/a:mandriva:linux:squid-cachemgr", "p-cpe:/a:mandriva:linux:squid"], "id": "MANDRIVA_MDVSA-2015-230.NASL", "href": "https://www.tenable.com/plugins/nessus/83276", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:230. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83276);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3455\");\n script_xref(name:\"MDVSA\", value:\"2015:230\");\n\n script_name(english:\"Mandriva Linux Security Advisory : squid (MDVSA-2015:230)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages fix security vulnerability :\n\nSquid configured with client-first SSL-bump does not correctly\nvalidate X509 server certificate domain / hostname fields\n(CVE-2015-3455).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0191.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-cachemgr packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid-cachemgr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"squid-3.3.14-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"squid-cachemgr-3.3.14-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T13:49:04", "description": "It was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in- the-middle attacker could use this flaw to spoof a Squid\nserver using a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs :\n\n - Previously, the squid process did not handle file\n descriptors correctly when receiving Simple Network\n Management Protocol (SNMP) requests. As a consequence,\n the process gradually accumulated open file descriptors.\n This bug has been fixed and squid now handles SNMP\n requests correctly, closing file descriptors when\n necessary.\n\n - Under high system load, the squid process sometimes\n terminated unexpectedly with a segmentation fault during\n reboot. This update provides better memory handling\n during reboot, thus fixing this bug.\n\nAfter installing this update, the squid service will be restarted\nautomatically.", "edition": 14, "published": "2015-12-22T00:00:00", "title": "Scientific Linux Security Update : squid on SL7.x x86_64 (20151119)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3455"], "modified": "2015-12-22T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squid-sysvinit", "p-cpe:/a:fermilab:scientific_linux:squid", "p-cpe:/a:fermilab:scientific_linux:squid-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151119_SQUID_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87574", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87574);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3455\");\n\n script_name(english:\"Scientific Linux Security Update : squid on SL7.x x86_64 (20151119)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that Squid configured with client-first SSL-bump did not\ncorrectly validate X.509 server certificate host name fields. A\nman-in- the-middle attacker could use this flaw to spoof a Squid\nserver using a specially crafted X.509 certificate. (CVE-2015-3455)\n\nThis update fixes the following bugs :\n\n - Previously, the squid process did not handle file\n descriptors correctly when receiving Simple Network\n Management Protocol (SNMP) requests. As a consequence,\n the process gradually accumulated open file descriptors.\n This bug has been fixed and squid now handles SNMP\n requests correctly, closing file descriptors when\n necessary.\n\n - Under high system load, the squid process sometimes\n terminated unexpectedly with a segmentation fault during\n reboot. This update provides better memory handling\n during reboot, thus fixing this bug.\n\nAfter installing this update, the squid service will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1512&L=scientific-linux-errata&F=&S=&P=15001\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b91f1e14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected squid, squid-debuginfo and / or squid-sysvinit\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-3.3.8-26.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.3.8-26.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.3.8-26.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-sysvinit\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:14:25", "description": "Security fix for CVE-2016-2571, CVE-2016-2572 ---- squid-3.4.13-3.fc22\n- Resolves: #1231992 ---- Security fix for #1240741, #1240744 Updated\nto version 3.4.13, which fixes CVE-2015-3455\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2016-05-09T00:00:00", "title": "Fedora 22 : libecap-1.0.0-1.fc22 / squid-3.5.10-1.fc22 (2016-7b40eb9e29)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5400", "CVE-2015-3455", "CVE-2016-2571", "CVE-2016-2572"], "modified": "2016-05-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "cpe:/o:fedoraproject:fedora:22", "p-cpe:/a:fedoraproject:fedora:libecap"], "id": "FEDORA_2016-7B40EB9E29.NASL", "href": "https://www.tenable.com/plugins/nessus/90960", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-7b40eb9e29.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90960);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-3455\", \"CVE-2015-5400\");\n script_xref(name:\"FEDORA\", value:\"2016-7b40eb9e29\");\n\n script_name(english:\"Fedora 22 : libecap-1.0.0-1.fc22 / squid-3.5.10-1.fc22 (2016-7b40eb9e29)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-2571, CVE-2016-2572 ---- squid-3.4.13-3.fc22\n- Resolves: #1231992 ---- Security fix for #1240741, #1240744 Updated\nto version 3.4.13, which fixes CVE-2015-3455\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1218118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1240741\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?314ae20e\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183598.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?51491c24\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libecap and / or squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libecap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"libecap-1.0.0-1.fc22\")) flag++;\nif (rpm_check(release:\"FC22\", reference:\"squid-3.5.10-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libecap / squid\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T14:24:30", "description": "The Squid HTTP proxy has been updated to version 3.3.14, fixing the\nfollowing security issues :\n\n - Fixed multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2015-5400: Improper protection of alternate path.\n (bsc#938715)\n\n - CVE-2015-3455: Squid http proxy configured with\n client-first SSL bumping did not correctly validate\n server certificate. (bsc#929493)\n\n - CVE-2016-3948: Fixed denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054: Fixed\n multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4553: Fixed cache poisoning issue in HTTP\n Request handling (bsc#979009)\n\n - CVE-2016-4554: Fixed header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - Fixed multiple Denial of Service issues in ESI Response\n processing. (CVE-2016-4555, CVE-2016-4556, bsc#979011,\n bsc#979008)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 30, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-02T00:00:00", "title": "SUSE SLES12 Security Update : squid (SUSE-SU-2016:2008-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5400", "CVE-2016-4051", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2016-3947", "CVE-2016-2569", "CVE-2015-3455", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2016-4054", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572"], "modified": "2016-09-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:squid", "p-cpe:/a:novell:suse_linux:squid-debugsource", "p-cpe:/a:novell:suse_linux:squid-debuginfo"], "id": "SUSE_SU-2016-2008-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93279", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2008-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93279);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-3455\", \"CVE-2015-5400\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_bugtraq_id(74438);\n\n script_name(english:\"SUSE SLES12 Security Update : squid (SUSE-SU-2016:2008-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Squid HTTP proxy has been updated to version 3.3.14, fixing the\nfollowing security issues :\n\n - Fixed multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2015-5400: Improper protection of alternate path.\n (bsc#938715)\n\n - CVE-2015-3455: Squid http proxy configured with\n client-first SSL bumping did not correctly validate\n server certificate. (bsc#929493)\n\n - CVE-2016-3948: Fixed denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054: Fixed\n multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4553: Fixed cache poisoning issue in HTTP\n Request handling (bsc#979009)\n\n - CVE-2016-4554: Fixed header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - Fixed multiple Denial of Service issues in ESI Response\n processing. (CVE-2016-4555, CVE-2016-4556, bsc#979011,\n bsc#979008)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=929493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3455/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5400/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2570/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2571/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2572/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3947/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3948/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4553/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4554/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4555/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4556/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162008-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0de7d73e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1184=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-3.3.14-20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-debuginfo-3.3.14-20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-debugsource-3.3.14-20.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T11:13:09", "description": "The Squid HTTP proxy has been updated to version 3.3.14, fixing the\nfollowing security issues :\n\n - Fixed multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2015-5400: Improper protection of alternate path.\n (bsc#938715)\n\n - CVE-2015-3455: Squid http proxy configured with\n client-first SSL bumping did not correctly validate\n server certificate. (bsc#929493)\n\n - CVE-2016-3948: Fixed denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054: Fixed\n multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4553: Fixed cache poisoning issue in HTTP\n Request handling (bsc#979009)\n\n - CVE-2016-4554: Fixed header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - Fixed multiple Denial of Service issues in ESI Response\n processing. (CVE-2016-4555, CVE-2016-4556, bsc#979011,\n bsc#979008)\n\nAdditionally, the following non-security issues have been fixed :\n\n - Fix header size in script unsquid.pl. (bsc#902197)\n\n - Add external helper ext_session_acl to package.\n (bsc#959290)\n\n - Update forward_max_tries to permit 25 server paths With\n cloud sites becoming more popular more CDN servers are\n producing long lists of IPv6 and IPv4 addresses. If\n there are not enough paths selected the IPv4 ones may\n never be reached.\n\n - squid.init: wait that squid really dies when we kill it\n on upgrade instead of proclaiming its demise prematurely\n (bnc#963539)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "edition": 17, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-08-17T00:00:00", "title": "openSUSE Security Update : squid (openSUSE-2016-988)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5400", "CVE-2016-4051", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2016-3947", "CVE-2016-2569", "CVE-2015-3455", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2016-4054", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572"], "modified": "2016-08-17T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid", "cpe:/o:novell:opensuse:42.1", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource"], "id": "OPENSUSE-2016-988.NASL", "href": "https://www.tenable.com/plugins/nessus/92994", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-988.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92994);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2015-3455\", \"CVE-2015-5400\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-2016-988)\");\n script_summary(english:\"Check for the openSUSE-2016-988 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Squid HTTP proxy has been updated to version 3.3.14, fixing the\nfollowing security issues :\n\n - Fixed multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2015-5400: Improper protection of alternate path.\n (bsc#938715)\n\n - CVE-2015-3455: Squid http proxy configured with\n client-first SSL bumping did not correctly validate\n server certificate. (bsc#929493)\n\n - CVE-2016-3948: Fixed denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054: Fixed\n multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4553: Fixed cache poisoning issue in HTTP\n Request handling (bsc#979009)\n\n - CVE-2016-4554: Fixed header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - Fixed multiple Denial of Service issues in ESI Response\n processing. (CVE-2016-4555, CVE-2016-4556, bsc#979011,\n bsc#979008)\n\nAdditionally, the following non-security issues have been fixed :\n\n - Fix header size in script unsquid.pl. (bsc#902197)\n\n - Add external helper ext_session_acl to package.\n (bsc#959290)\n\n - Update forward_max_tries to permit 25 server paths With\n cloud sites becoming more popular more CDN servers are\n producing long lists of IPv6 and IPv4 addresses. If\n there are not enough paths selected the IPv4 ones may\n never be reached.\n\n - squid.init: wait that squid really dies when we kill it\n on upgrade instead of proclaiming its demise prematurely\n (bnc#963539)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=929493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=938715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=973782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=973783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=979008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=979009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=979010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=979011\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-3.3.14-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-debuginfo-3.3.14-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-debugsource-3.3.14-6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3455", "CVE-2015-5400", "CVE-2016-2571", "CVE-2016-2572"], "description": "eCAP is a software interface that allows a network application, such as an HTTP proxy or an ICAP server, to outsource content analysis and adaptation to a loadable module. For each applicable protocol message being processed, an eCAP-enabled host application supplies the message details to the adaptation module and gets back an adapted message, a \"not interested\" response, or a \"block this message now!\" instruction. These exchanges often include message bodies. The adaptation module can also exchange meta-information with the host application to supply additional details such as configuration options, a reason behind the decision to ignore a message, or a detected virus name. If you are familiar with the ICAP protocol (RFC 3507), then you may think of eCAP as an \"embedded ICAP\", where network interactions with an ICAP server are replaced with function calls to an adaptation module. ", "modified": "2016-05-06T19:58:05", "published": "2016-05-06T19:58:05", "id": "FEDORA:3891B6342020", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: libecap-1.0.0-1.fc22", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3455", "CVE-2015-5400", "CVE-2016-2571", "CVE-2016-2572"], "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "modified": "2016-05-06T19:58:05", "published": "2016-05-06T19:58:05", "id": "FEDORA:49B4D604B01E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: squid-3.5.10-1.fc22", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
