ID ORACLELINUX_ELSA-2014-0597.NASL Type nessus Reporter This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2014-06-04T00:00:00
Description
From Red Hat Security Advisory 2014:0597 :
Updated squid packages that fix one security issue are now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
Moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.
Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects.
A denial of service flaw was found in the way Squid processed certain
HTTPS requests when the SSL Bump feature was enabled. A remote
attacker could send specially crafted requests that could cause Squid
to crash. (CVE-2014-0128)
Red Hat would like to thank the Squid project for reporting this
issue. Upstream acknowledges Mathias Fischer and Fabian Hugelshofer
from Open Systems AG as the original reporters.
All squid users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. After
installing this update, the squid service will be restarted
automatically.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2014:0597 and
# Oracle Linux Security Advisory ELSA-2014-0597 respectively.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Registration branch: runs only when `description` is set. It declares the
# plugin's metadata and exits before any of the host checks further down.
if (description)
{
  # Plugin identity and revision.
  script_id(74299);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  # Cross-references used to correlate this finding with the CVE, Bugtraq
  # and vendor advisory records.
  script_cve_id("CVE-2014-0128");
  script_bugtraq_id(66112);
  script_xref(name:"RHSA", value:"2014:0597");

  script_name(english:"Oracle Linux 6 : squid (ELSA-2014-0597)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(attribute:"synopsis", value:"The remote Oracle Linux host is missing a security update.");

  # Advisory text reproduced from the vendor. The flaw it describes applies
  # when the SSL Bump feature is enabled; the check in this plugin looks at
  # the package build only.
  script_set_attribute(attribute:"description", value:"From Red Hat Security Advisory 2014:0597 :
Updated squid packages that fix one security issue are now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
Moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.
Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects.
A denial of service flaw was found in the way Squid processed certain
HTTPS requests when the SSL Bump feature was enabled. A remote
attacker could send specially crafted requests that could cause Squid
to crash. (CVE-2014-0128)
Red Hat would like to thank the Squid project for reporting this
issue. Upstream acknowledges Mathias Fischer and Fabian Hugelshofer
from Open Systems AG as the original reporters.
All squid users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. After
installing this update, the squid service will be restarted
automatically.");

  script_set_attribute(attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2014-June/004166.html");
  script_set_attribute(attribute:"solution", value:"Update the affected squid package.");

  # CVSS v2 base vector: network-reachable, low complexity, no authentication,
  # availability impact only (a crash, no confidentiality or integrity loss).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  # CVSS v2 temporal vector: exploitability unproven, official fix available,
  # report confirmed.
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  # "local" plugin type: the result is derived from host data (see the
  # required KB keys below), not from probing the squid service.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:squid");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/04/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/06/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  # Scheduling constraints: the listed KB keys must exist before this plugin
  # runs. NOTE(review): ssh_get_info.nasl is presumably what populates the
  # Host/* keys -- confirm against that plugin.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Host check for ELSA-2014-0597 (squid, CVE-2014-0128).
#
# Each audit() call below acts as a guard: the statements that follow it use
# the value it just validated, so audit() is relied on to end the script.
#
# Scope of the result: only the installed squid package build is compared
# against the fixed build. Nothing here reads squid's configuration, so a
# finding means "the patch is missing", whether or not SSL Bump is enabled.

# Local (credentialed) checks must be available and the host must have been
# identified as Oracle Linux.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}
if (!get_kb_item("Host/OracleLinux"))
{
  audit(AUDIT_OS_NOT, "Oracle Linux");
}

# Confirm the release string itself names an Oracle distribution.
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release))
{
  audit(AUDIT_OS_NOT, "Oracle Linux");
}

# Extract the "major[.minor]" version that follows "release".
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver))
{
  audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
}
os_ver = os_ver[1];

# Only major version 6 is in scope; "6" must be followed by a non-digit or
# the end of the string, so e.g. "60" does not match.
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver))
{
  audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver);
}

# The comparison needs the collected package list.
if (!get_kb_item("Host/RedHat/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

# Only x86_64 and i386-i686 hosts are handled.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
}

# NOTE(review): rpm_check() (rpm.inc) presumably returns true when the
# installed squid is older than the reference build -- confirm in rpm.inc.
flag = 0;
if (rpm_check(release:"EL6", reference:"squid-3.1.10-20.el6_5.3"))
{
  flag++;
}

# Outdated package found: report it, attaching the rpm comparison details
# when report verbosity allows, then stop.
if (flag)
{
  if (report_verbosity > 0)
  {
    security_warning(port:0, extra:rpm_report_get());
  }
  else
  {
    security_warning(0);
  }
  exit(0);
}

# Nothing to report: distinguish "squid was tested and is not affected" from
# "squid is not installed" in the audit trail.
tested = pkg_tests_get();
if (tested)
{
  audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
}
else
{
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "squid");
}
{"id": "ORACLELINUX_ELSA-2014-0597.NASL", "bulletinFamily": "scanner", "title": "Oracle Linux 6 : squid (ELSA-2014-0597)", "description": "From Red Hat Security Advisory 2014:0597 :\n\nUpdated squid packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. (CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Mathias Fischer and Fabian Hugelshofer\nfrom Open Systems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling this update, the squid service will be restarted\nautomatically.", "published": "2014-06-04T00:00:00", "modified": "2014-06-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/74299", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-June/004166.html"], "cvelist": ["CVE-2014-0128"], "type": "nessus", "lastseen": "2021-01-17T12:48:59", "edition": 21, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-0128"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0597"]}, {"type": "seebug", "idList": ["SSV:61781"]}, {"type": "centos", "idList": ["CESA-2014:0597"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30806", "SECURITYVULNS:VULN:13827"]}, {"type": "amazon", "idList": ["ALAS-2014-360", "ALAS-2014-433"]}, {"type": "redhat", "idList": ["RHSA-2014:0597"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2014-114.NASL", "SUSE_11_SQUID3-140415.NASL", "REDHAT-RHSA-2014-0597.NASL", "FEDORA_2014-4800.NASL", "FEDORA_2014-3915.NASL", "SL_20140603_SQUID_ON_SL6_X.NASL", "SQUID_3_4_4.NASL", "ALA_ALAS-2014-360.NASL", "OPENSUSE-2014-316.NASL", "CENTOS_RHSA-2014-0597.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310867694", "OPENVAS:1361412562310121286", "OPENVAS:1361412562310867645", "OPENVAS:1361412562310881945", "OPENVAS:1361412562310120342", "OPENVAS:1361412562310120143", "OPENVAS:1361412562310123406", "OPENVAS:1361412562310871175", "OPENVAS:1361412562310806107", "OPENVAS:867645"]}, {"type": "fedora", "idList": ["FEDORA:EFD3C2150F", "FEDORA:2D85421A4C"]}, {"type": "gentoo", "idList": ["GLSA-201411-11"]}, {"type": "suse", "idList": ["SUSE-SU-2016:1996-1", "SUSE-SU-2016:2089-1"]}], "modified": "2021-01-17T12:48:59", "rev": 2}, "score": {"value": 5.0, "vector": "NONE", "modified": "2021-01-17T12:48:59", "rev": 2}, "vulnersScore": 5.0}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0597 and \n# Oracle Linux Security Advisory ELSA-2014-0597 
respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74299);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0128\");\n script_bugtraq_id(66112);\n script_xref(name:\"RHSA\", value:\"2014:0597\");\n\n script_name(english:\"Oracle Linux 6 : squid (ELSA-2014-0597)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0597 :\n\nUpdated squid packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. (CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Mathias Fischer and Fabian Hugelshofer\nfrom Open Systems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. 
After\ninstalling this update, the squid service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-June/004166.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"squid-3.1.10-20.el6_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "pluginID": "74299", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:squid"], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T12:01:11", "description": "Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management.", "edition": 3, "cvss3": {}, "published": "2014-04-14T15:09:00", "title": "CVE-2014-0128", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0128"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.1.0.18", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.1.13", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.1.5", "cpe:/a:squid-cache:squid:3.1.0.12", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.1.9", "cpe:/a:squid-cache:squid:3.1.0.9", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.1.2", 
"cpe:/a:squid-cache:squid:3.1.0.4", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.1.0.16", "cpe:/a:squid-cache:squid:3.1.0.8", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.1.0.10", "cpe:/a:squid-cache:squid:3.1.3", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.1.0.3", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.1.0.11", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:3.1.0.15", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.1.4", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.1.0.6", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.1.0.14", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.1.0.13", "cpe:/a:squid-cache:squid:3.1.6", "cpe:/a:squid-cache:squid:3.1.0.1", "cpe:/a:squid-cache:squid:3.1.0.2", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/o:opensuse:opensuse:11.4", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.1.0.7", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.1", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.1.1", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.1.0.5", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.1.7", "cpe:/a:squid-cache:squid:3.1.8", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.1.5.1", "cpe:/a:squid-cache:squid:3.1.0.17", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.2.0.2", 
"cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.2.0.6"], "id": "CVE-2014-0128", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0128", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*", 
"cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:*", 
"cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*"]}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:19", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0128"], "description": "[7:3.1.10-20.3]\n- Resolves: #1098134 - CVE-2014-0128 squid: denial of service when using\n SSL-Bump\n[7:3.1.10-20.2]\n- revert: Resolves: #1039088 - issues with timeout on HTTPS connections\n[7:3.1.10-20.1]\n- Resolves: #1093072 - issues with timeout on HTTPS connections", "edition": 4, "modified": "2014-06-03T00:00:00", "published": "2014-06-03T00:00:00", "id": "ELSA-2014-0597", "href": "http://linux.oracle.com/errata/ELSA-2014-0597.html", "title": "squid security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:31:07", "description": "CVE ID:CVE-2014-0128\r\n\r\nSquid Cache(\u7b80\u79f0\u4e3aSquid)\u662f\u4e00\u4e2a\u6d41\u884c\u7684\u4ee3\u7406\u670d\u52a1\u5668\u548cWeb\u7f13\u5b58\u670d\u52a1\u5668\u8f6f\u4ef6\u3002\r\n\r\nSquid 
SSL-Bump\u4e2d\u76f8\u5173\u72b6\u6001\u7ba1\u7406\u5904\u7406\u5b58\u5728\u9519\u8bef\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u63d0\u4ea4\u7279\u5236\u7684HTTP\u8bf7\u6c42\u89e6\u53d1\u65ad\u8a00\u9519\u8bef\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\n0\nSquid 3.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nSquid\r\n-----\r\nSquid 3.3.12\u62163.4.4\u5df2\u7ecf\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://www.squid-cache.org", "published": "2014-03-13T00:00:00", "title": "Squid SSL-Bump HTTPS\u8bf7\u6c42\u5904\u7406\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0128"], "modified": "2014-03-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61781", "id": "SSV:61781", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": ""}], "centos": [{"lastseen": "2019-12-20T18:28:23", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0128"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0597\n\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain HTTPS\nrequests when the SSL Bump feature was enabled. A remote attacker could\nsend specially crafted requests that could cause Squid to crash.\n(CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Mathias Fischer and Fabian Hugelshofer from Open\nSystems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing this\nupdate, the squid service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-June/032378.html\n\n**Affected packages:**\nsquid\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0597.html", "edition": 3, "modified": "2014-06-04T10:04:04", "published": "2014-06-04T10:04:04", "href": "http://lists.centos.org/pipermail/centos-announce/2014-June/032378.html", "id": "CESA-2014:0597", "title": "squid security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:56", "bulletinFamily": "software", "cvelist": ["CVE-2014-0128"], "description": "DoS via Range: request if SSL-Bump is allowed.", "edition": 1, "modified": "2014-06-14T00:00:00", "published": "2014-06-14T00:00:00", "id": "SECURITYVULNS:VULN:13827", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13827", "title": "squid DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:52", "bulletinFamily": "software", "cvelist": ["CVE-2014-0128"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:114\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : squid\r\n Date : June 10, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated squid packages fix security vulnerability:\r\n \r\n Due to incorrect state management, Squid before 3.3.12 is vulnerable\r\n to a denial of service attack when processing certain HTTPS requests\r\n if the SSL-Bump feature is 
enabled (CVE-2014-0128).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0128\r\n http://advisories.mageia.org/MGASA-2014-0168.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n f1da6705dc9d97b60df8f966356ee42a mbs1/x86_64/squid-3.1.19-5.4.mbs1.x86_64.rpm\r\n 5b4471cfa144b750df92fa6eaa6a4e7d mbs1/x86_64/squid-cachemgr-3.1.19-5.4.mbs1.x86_64.rpm \r\n f78aff2733e2ca9fce7e436e1cf5b825 mbs1/SRPMS/squid-3.1.19-5.4.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFTlsHpmqjQ0CJFipgRAoErAKDRJlXsgJsUc3b9Om0hmMct6oHQnwCfRaK0\r\nhBwY9zeWGwPOI/hldF24JG0=\r\n=2a/y\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-06-14T00:00:00", "published": "2014-06-14T00:00:00", "id": "SECURITYVULNS:DOC:30806", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30806", "title": "[ MDVSA-2014:114 ] squid", "type": "securityvulns", "cvss": {"score": 5.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "amazon": [{"lastseen": "2020-11-10T12:37:36", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0128"], "description": "**Issue Overview:**\n\nA denial of service flaw was found in the way Squid processed certain HTTPS requests when the SSL Bump feature was enabled. A remote attacker could send specially crafted requests that could cause Squid to crash. ([CVE-2014-0128 __](<https://access.redhat.com/security/cve/CVE-2014-0128>))\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n squid-debuginfo-3.1.10-20.15.amzn1.i686 \n squid-3.1.10-20.15.amzn1.i686 \n \n src: \n squid-3.1.10-20.15.amzn1.src \n \n x86_64: \n squid-3.1.10-20.15.amzn1.x86_64 \n squid-debuginfo-3.1.10-20.15.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-06-15T16:22:00", "published": "2014-06-15T16:22:00", "id": "ALAS-2014-360", "href": "https://alas.aws.amazon.com/ALAS-2014-360.html", "title": "Medium: squid", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-10T12:37:01", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0128", "CVE-2013-4115", "CVE-2014-3609"], "description": "**Issue Overview:**\n\nA flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. ([CVE-2014-3609 __](<https://access.redhat.com/security/cve/CVE-2014-3609>))\n\nA buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. 
([CVE-2013-4115 __](<https://access.redhat.com/security/cve/CVE-2013-4115>))\n\nSquid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. ([CVE-2014-0128 __](<https://access.redhat.com/security/cve/CVE-2014-0128>))\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n squid-3.1.10-29.17.amzn1.i686 \n squid-debuginfo-3.1.10-29.17.amzn1.i686 \n \n src: \n squid-3.1.10-29.17.amzn1.src \n \n x86_64: \n squid-3.1.10-29.17.amzn1.x86_64 \n squid-debuginfo-3.1.10-29.17.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-10-22T20:04:00", "published": "2014-10-22T20:04:00", "id": "ALAS-2014-433", "href": "https://alas.aws.amazon.com/ALAS-2014-433.html", "title": "Important: squid", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:14", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0128"], "description": "Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain HTTPS\nrequests when the SSL Bump feature was enabled. A remote attacker could\nsend specially crafted requests that could cause Squid to crash.\n(CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Mathias Fischer and Fabian Hugelshofer from Open\nSystems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing this\nupdate, the squid service will be restarted automatically.\n", "modified": "2018-06-06T20:24:21", "published": "2014-06-03T04:00:00", "id": "RHSA-2014:0597", "href": "https://access.redhat.com/errata/RHSA-2014:0597", "type": "redhat", "title": "(RHSA-2014:0597) Moderate: squid security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-07T11:54:37", "description": "Updated squid packages fix security vulnerability :\n\nDue to incorrect state management, Squid before 3.3.12 is vulnerable\nto a denial of service attack when processing certain HTTPS requests\nif the SSL-Bump feature is enabled (CVE-2014-0128).", "edition": 25, "published": "2014-06-11T00:00:00", "title": "Mandriva Linux Security Advisory : squid (MDVSA-2014:114)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2014-06-11T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:squid-cachemgr", "p-cpe:/a:mandriva:linux:squid"], "id": "MANDRIVA_MDVSA-2014-114.NASL", "href": "https://www.tenable.com/plugins/nessus/74447", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:114. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74447);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-0128\");\n script_bugtraq_id(66112);\n script_xref(name:\"MDVSA\", value:\"2014:114\");\n\n script_name(english:\"Mandriva Linux Security Advisory : squid (MDVSA-2014:114)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages fix security vulnerability :\n\nDue to incorrect state management, Squid before 3.3.12 is vulnerable\nto a denial of service attack when processing certain HTTPS requests\nif the SSL-Bump feature is enabled (CVE-2014-0128).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0168.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-cachemgr packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid-cachemgr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"squid-3.1.19-5.4.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"squid-cachemgr-3.1.19-5.4.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:18:50", "description": "A denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. 
(CVE-2014-0128)", "edition": 23, "published": "2014-10-12T00:00:00", "title": "Amazon Linux AMI : squid (ALAS-2014-360)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:squid-debuginfo", "p-cpe:/a:amazon:linux:squid", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-360.NASL", "href": "https://www.tenable.com/plugins/nessus/78303", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-360.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78303);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-0128\");\n script_xref(name:\"ALAS\", value:\"2014-360\");\n script_xref(name:\"RHSA\", value:\"2014:0597\");\n\n script_name(english:\"Amazon Linux AMI : squid (ALAS-2014-360)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. 
(CVE-2014-0128)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-360.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update squid' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", 
reference:\"squid-3.1.10-20.15.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"squid-debuginfo-3.1.10-20.15.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:14:28", "description": "Updated squid packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. (CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Mathias Fischer and Fabian Hugelshofer\nfrom Open Systems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. 
After\ninstalling this update, the squid service will be restarted\nautomatically.", "edition": 24, "published": "2014-06-04T00:00:00", "title": "RHEL 6 : squid (RHSA-2014:0597)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2014-06-04T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid", "cpe:/o:redhat:enterprise_linux:6.5", "p-cpe:/a:redhat:enterprise_linux:squid-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2014-0597.NASL", "href": "https://www.tenable.com/plugins/nessus/74304", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0597. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74304);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0128\");\n script_bugtraq_id(66112);\n script_xref(name:\"RHSA\", value:\"2014:0597\");\n\n script_name(english:\"RHEL 6 : squid (RHSA-2014:0597)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. 
A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. (CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Mathias Fischer and Fabian Hugelshofer\nfrom Open Systems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling this update, the squid service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0128\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0597\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"squid-3.1.10-20.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"squid-3.1.10-20.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"squid-3.1.10-20.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"squid-debuginfo-3.1.10-20.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"squid-debuginfo-3.1.10-20.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.1.10-20.el6_5.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:29:35", "description": "Updated squid 
packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. (CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Mathias Fischer and Fabian Hugelshofer\nfrom Open Systems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. 
After\ninstalling this update, the squid service will be restarted\nautomatically.", "edition": 24, "published": "2014-06-05T00:00:00", "title": "CentOS 6 : squid (CESA-2014:0597)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2014-06-05T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:squid"], "id": "CENTOS_RHSA-2014-0597.NASL", "href": "https://www.tenable.com/plugins/nessus/74312", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0597 and \n# CentOS Errata and Security Advisory 2014:0597 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74312);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-0128\");\n script_bugtraq_id(66112);\n script_xref(name:\"RHSA\", value:\"2014:0597\");\n\n script_name(english:\"CentOS 6 : squid (CESA-2014:0597)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. 
A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. (CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this\nissue. Upstream acknowledges Mathias Fischer and Fabian Hugelshofer\nfrom Open Systems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling this update, the squid service will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-June/020340.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fb87ee82\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0128\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"squid-3.1.10-20.el6_5.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:48:21", "description": "A denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. 
(CVE-2014-0128)\n\nAfter installing this update, the squid service will be restarted\nautomatically.", "edition": 15, "published": "2014-06-04T00:00:00", "title": "Scientific Linux Security Update : squid on SL6.x i386/x86_64 (20140603)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2014-06-04T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squid", "p-cpe:/a:fermilab:scientific_linux:squid-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20140603_SQUID_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/74308", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74308);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0128\");\n\n script_name(english:\"Scientific Linux Security Update : squid on SL6.x i386/x86_64 (20140603)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way Squid processed certain\nHTTPS requests when the SSL Bump feature was enabled. A remote\nattacker could send specially crafted requests that could cause Squid\nto crash. 
(CVE-2014-0128)\n\nAfter installing this update, the squid service will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1406&L=scientific-linux-errata&T=0&P=426\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b5d1038d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"squid-3.1.10-20.el6_5.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"squid-debuginfo-3.1.10-20.el6_5.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:12:36", "description": "New upstream version with a security fix.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from 
the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2014-04-03T00:00:00", "title": "Fedora 20 : squid-3.3.12-1.fc20 (2014-3915)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2014-04-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-3915.NASL", "href": "https://www.tenable.com/plugins/nessus/73311", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-3915.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73311);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0128\");\n script_bugtraq_id(66112);\n script_xref(name:\"FEDORA\", value:\"2014-3915\");\n\n script_name(english:\"Fedora 20 : squid-3.3.12-1.fc20 (2014-3915)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream version with a security fix.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1074870\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-April/130987.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?37ff98f8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"squid-3.3.12-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T05:49:57", "description": "According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.3.12 or 3.4.4 and is, therefore, affected by a\ndenial of service vulnerability. \n\nA flaw exists in SSL-Bump with regard to state management when\nprocessing range requests. A remote attacker can cause the server to\ncrash with specially crafted HTTPS requests. 
\n\nNote that Nessus has relied only on the version in the proxy server's\nbanner, which is not updated by the patch the project has released to\naddress the issue. If this patch has been applied properly and the\nservice has been restarted, consider this to be a false positive.", "edition": 25, "published": "2014-03-21T00:00:00", "title": "Squid 3.1.x < 3.3.12 / 3.4.4 HTTPS Request Handling DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:squid-cache:squid"], "id": "SQUID_3_4_4.NASL", "href": "https://www.tenable.com/plugins/nessus/73131", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73131);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0128\");\n script_bugtraq_id(66112);\n\n script_name(english:\"Squid 3.1.x < 3.3.12 / 3.4.4 HTTPS Request Handling DoS\");\n script_summary(english:\"Checks version of Squid\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.3.12 or 3.4.4 and is, therefore, affected by a\ndenial of service vulnerability. \n\nA flaw exists in SSL-Bump in regards to the state management when\nprocessing range requests. A remote attacker can cause the server to\ncrash with specially crafted HTTPS requests. \n\nNote that Nessus has relied only on the version in the proxy server's\nbanner, which is not updated by the patch the project has released to\naddress the issue. 
If this patch has been applied properly and the\nservice has been restarted, consider this to be a false positive.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2014_1.txt\");\n # http://www.squid-cache.org/Versions/v3/3.3/changesets/squid-3.3-12677.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bf7922a2\");\n # http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13104.patch\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?13763a56\");\n script_set_attribute(attribute:\"solution\", value:\n\"Either upgrade to Squid version 3.3.12 / 3.4.4 or later, or apply the\nvendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0128\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/21\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"www/squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Build a list of ports from the\nlist = get_kb_list(\"http_proxy/*/squid/version\");\nif (isnull(list)) audit(AUDIT_NOT_INST, \"Squid\");\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvulnerable = FALSE;\nnot_vuln_list = make_list();\n\nforeach item (keys(list))\n{\n port = ereg_replace(pattern:'^http_proxy/([0-9]+)/squid/version', replace:'\\\\1', string:item);\n version = list[item];\n\n # Affected:\n # Squid 3.1.x < 3.3.12\n # Squid 3.4.x < 3.4.4\n if (\n version =~ \"^3\\.[12]([^0-9]|$)\" ||\n version =~ \"^3\\.3\\.([0-9]|1[0-1])([^0-9]|$)\" ||\n version =~ \"^3\\.4\\.[0-3]([^0-9]|$)\"\n )\n {\n vulnerable = TRUE;\n if (report_verbosity > 0)\n {\n source = get_kb_item('http_proxy/'+port+'/squid/source');\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 3.3.12 / 3.4.4' + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n }\n else not_vuln_list = make_list(not_vuln_list, version + \" on port \" + port);\n}\n\nif (vulnerable) exit(0);\nelse\n{\n installs = max_index(not_vuln_list);\n if (installs == 0) audit(AUDIT_NOT_INST, \"Squid\");\n else if (installs == 1)\n audit(AUDIT_INST_VER_NOT_VULN, \"Squid\", not_vuln_list[0]);\n else\n exit(0, \"The Squid installs (\"+ join(not_vuln_list, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T12:27:31", "description": "The SSLBump feature acts as TLS/SSL termination for clients. 
If this\nfeature is enabled, squid can crash with range requests, leading to a\npotential Denial of Service condition.", "edition": 18, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : squid (openSUSE-SU-2014:0559-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2014-06-13T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-316.NASL", "href": "https://www.tenable.com/plugins/nessus/75329", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-316.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75329);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0128\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-SU-2014:0559-1)\");\n script_summary(english:\"Check for the openSUSE-2014-316 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SSLBump feature acts as TLS/SSL termination for clients. 
If this\nfeature is enabled, squid can crash with range requests, leading to a\npotential Denial of Service condition.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-04/msg00060.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-3.2.11-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debuginfo-3.2.11-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"squid-debugsource-3.2.11-3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"squid-3.3.8-2.4.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"squid-debuginfo-3.3.8-2.4.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"squid-debugsource-3.3.8-2.4.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T14:41:54", "description": "A remote DoS attack in the Squid web proxy has 
been fixed.\n\nDue to incorrect state management, Squid was vulnerable to a denial of\nservice attack when processing certain HTTPS requests. (CVE-2014-0128)\n\nFor more information see\nhttp://www.squid-cache.org/Advisories/SQUID-2014_1.txt .\n\nAdditionally, a bug in the logrotate configuration file has been\nfixed. The 'su' statement was moved into the 'logfile' section.\n(bnc#677335)", "edition": 18, "published": "2014-04-25T00:00:00", "title": "SuSE 11.3 Security Update : squid3 (SAT Patch Number 9138)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2014-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:squid3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_SQUID3-140415.NASL", "href": "https://www.tenable.com/plugins/nessus/73708", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73708);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0128\");\n\n script_name(english:\"SuSE 11.3 Security Update : squid3 (SAT Patch Number 9138)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A remote DoS attack in the Squid web proxy has been fixed.\n\nDue to incorrect state management, Squid was vulnerable to a denial of\nservice attack when processing certain HTTPS requests. 
(CVE-2014-0128)\n\nFor more information see\nhttp://www.squid-cache.org/Advisories/SQUID-2014_1.txt .\n\nAdditionally, a bug in the logrotate configuration file has been\nfixed. The 'su' statement was moved into the 'logfile' section.\n(bnc#677335)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0128.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9138.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = 
get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"squid3-3.1.12-8.16.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:12:39", "description": "Use the version from Fedora 20.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2014-04-16T00:00:00", "title": "Fedora 19 : squid-3.3.12-1.fc19 (2014-4800)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "modified": "2014-04-16T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:squid"], "id": "FEDORA_2014-4800.NASL", "href": "https://www.tenable.com/plugins/nessus/73544", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-4800.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73544);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0128\");\n script_bugtraq_id(66112);\n script_xref(name:\"FEDORA\", value:\"2014-4800\");\n\n script_name(english:\"Fedora 19 : squid-3.3.12-1.fc19 
(2014-4800)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Use the version from Fedora 20.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1074871\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131477.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2156db84\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"squid-3.3.12-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:37:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-06-09T00:00:00", "id": "OPENVAS:1361412562310881945", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881945", "type": "openvas", "title": "CentOS Update for squid CESA-2014:0597 centos6", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squid CESA-2014:0597 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881945\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-09 12:31:54 +0530 (Mon, 09 Jun 2014)\");\n script_cve_id(\"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for squid CESA-2014:0597 centos6\");\n\n script_tag(name:\"affected\", value:\"squid on CentOS 6\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching server for web\nclients, supporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain HTTPS\nrequests when the SSL Bump feature was enabled. 
A remote attacker could\nsend specially crafted requests that could cause Squid to crash.\n(CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Mathias Fischer and Fabian Hugelshofer from Open\nSystems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the squid service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0597\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-June/020340.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~20.el6_5.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "description": "This host is running Squid and is prone\n to denial of service vulnerability.", "modified": "2019-05-20T00:00:00", 
"published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310806107", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806107", "type": "openvas", "title": "Squid SSL-Bump HTTPS Requests Processing Denial of Service Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid SSL-Bump HTTPS Requests Processing Denial of Service Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:squid-cache:squid\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806107\");\n script_version(\"2019-05-20T11:12:48+0000\");\n script_cve_id(\"CVE-2014-0128\");\n script_bugtraq_id(66112);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 11:12:48 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 16:31:16 +0530 (Tue, 08 Sep 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Squid SSL-Bump HTTPS 
Requests Processing Denial of Service Vulnerability\");\n\n script_tag(name:\"summary\", value:\"This host is running Squid and is prone\n to a denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to incorrect state management Squid is vulnerable to a denial\n of service attack when processing certain HTTPS requests.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.1 -> 3.3.11,\n Squid 3.4 -> 3.4.3\");\n\n script_tag(name:\"solution\", value:\"Apply the patch or upgrade to version\n Squid 3.4.4, 3.3.12 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2014_1.txt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_squid_detect.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\");\n script_require_ports(\"Services/www\", 3128, 8080);\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2014_2.txt\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!squidPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!squidVer = get_app_version(cpe:CPE, port:squidPort)){\n exit(0);\n}\n\nif(squidVer !~ \"^3\\.\"){\n exit(99);\n}\n\nif(version_in_range(version:squidVer, test_version:\"3.1\", test_version2:\"3.3.11\"))\n{\n VULN = TRUE;\n Fix = \"3.3.12\";\n}\n\nelse if(version_in_range(version:squidVer, test_version:\"3.4\", test_version2:\"3.4.3\"))\n{\n VULN =TRUE;\n Fix = \"3.4.4\";\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + squidVer + '\\n' +\n 'Fixed version: ' + Fix + '\\n';\n\n 
security_message(data:report, port:squidPort);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:48:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "description": "Check for the Version of squid", "modified": "2017-07-10T00:00:00", "published": "2014-04-03T00:00:00", "id": "OPENVAS:867645", "href": "http://plugins.openvas.org/nasl.php?oid=867645", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-3915", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-3915\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867645);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-03 09:50:17 +0530 (Thu, 03 Apr 2014)\");\n script_cve_id(\"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-3915\");\n\n tag_insight = \"Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects. Unlike traditional\ncaching software, Squid handles all requests in a single,\nnon-blocking, I/O-driven process. 
Squid keeps meta data and especially\nhot objects cached in RAM, caches DNS lookups, supports non-blocking\nDNS lookups, and implements negative caching of failed requests.\n\nSquid consists of a main server program squid, a Domain Name System\nlookup program (dnsserver), a program for retrieving FTP data\n(ftpget), and some management and client tools.\n\";\n\n tag_affected = \"squid on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-3915\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/130987.html\");\n script_summary(\"Check for the Version of squid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.12~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:01:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": 
"2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120143", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120143", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-360)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120143\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:31 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-360)\");\n script_tag(name:\"insight\", value:\"A denial of service flaw was found in the way Squid processed certain HTTPS requests when the SSL Bump feature was enabled. A remote attacker could send specially crafted requests that could cause Squid to crash. 
(CVE-2014-0128 )\");\n script_tag(name:\"solution\", value:\"Run yum update squid to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-360.html\");\n script_cve_id(\"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.1.10~20.15.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~20.15.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-06-09T00:00:00", "id": "OPENVAS:1361412562310871175", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871175", "type": "openvas", "title": "RedHat Update for squid RHSA-2014:0597-01", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squid RHSA-2014:0597-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871175\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-09 16:08:25 +0530 (Mon, 09 Jun 2014)\");\n script_cve_id(\"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for squid RHSA-2014:0597-01\");\n\n\n script_tag(name:\"affected\", value:\"squid on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 
6)\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed certain HTTPS\nrequests when the SSL Bump feature was enabled. A remote attacker could\nsend specially crafted requests that could cause Squid to crash.\n(CVE-2014-0128)\n\nRed Hat would like to thank the Squid project for reporting this issue.\nUpstream acknowledges Mathias Fischer and Fabian Hugelshofer from Open\nSystems AG as the original reporters.\n\nAll squid users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, the squid service will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0597-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-June/msg00006.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~20.el6_5.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", 
rpm:\"squid-debuginfo~3.1.10~20.el6_5.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "description": "Oracle Linux Local Security Checks ELSA-2014-0597", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123406", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0597", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0597.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123406\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:23 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0597\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0597 - squid security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0597\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0597.html\");\n script_cve_id(\"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.1.10~20.el6_5.3\", 
rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-04-03T00:00:00", "id": "OPENVAS:1361412562310867645", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867645", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-3915", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-3915\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867645\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-03 09:50:17 +0530 (Thu, 03 Apr 2014)\");\n script_cve_id(\"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-3915\");\n script_tag(name:\"affected\", value:\"squid on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-3915\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/130987.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.12~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7141", "CVE-2014-0128", "CVE-2014-7142"], "description": "Gentoo Linux Local Security Checks GLSA 201411-11", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121286", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121286", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201411-11", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201411-11.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121286\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:01 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201411-11\");\n script_tag(name:\"insight\", value:\"An assertion failure in processing of SSL-Bump has been found in Squid. Heap based overflow is discovered when processing SNMP requests.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201411-11\");\n script_cve_id(\"CVE-2014-0128\", \"CVE-2014-7141\", \"CVE-2014-7142\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201411-11\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-proxy/squid\", unaffected: make_list(\"ge 3.3.13-r1\"), vulnerable: make_list(\"lt 3.3.13-r1\"))) != NULL) 
{\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2017-07-25T10:48:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128", "CVE-2013-4115", "CVE-2013-4123"], "description": "Check for the Version of squid", "modified": "2017-07-10T00:00:00", "published": "2014-04-16T00:00:00", "id": "OPENVAS:867694", "href": "http://plugins.openvas.org/nasl.php?oid=867694", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-4800", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-4800\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867694);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 11:10:38 +0530 (Wed, 16 Apr 2014)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-4800\");\n\n tag_insight = \"Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects. Unlike traditional\ncaching software, Squid handles all requests in a single,\nnon-blocking, I/O-driven process. 
Squid keeps meta data and especially\nhot objects cached in RAM, caches DNS lookups, supports non-blocking\nDNS lookups, and implements negative caching of failed requests.\n\nSquid consists of a main server program squid, a Domain Name System\nlookup program (dnsserver), a program for retrieving FTP data\n(ftpget), and some management and client tools.\n\";\n\n tag_affected = \"squid on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4800\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131477.html\");\n script_summary(\"Check for the Version of squid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.12~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0128", "CVE-2013-4115", "CVE-2013-4123"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": 
"2014-04-16T00:00:00", "id": "OPENVAS:1361412562310867694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867694", "type": "openvas", "title": "Fedora Update for squid FEDORA-2014-4800", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2014-4800\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867694\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 11:10:38 +0530 (Wed, 16 Apr 2014)\");\n script_cve_id(\"CVE-2013-4123\", \"CVE-2013-4115\", \"CVE-2014-0128\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for squid FEDORA-2014-4800\");\n script_tag(name:\"affected\", value:\"squid on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-4800\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131477.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.3.12~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0128"], "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. 
", "modified": "2014-04-02T09:19:07", "published": "2014-04-02T09:19:07", "id": "FEDORA:EFD3C2150F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: squid-3.3.12-1.fc20", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4115", "CVE-2013-4123", "CVE-2014-0128"], "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "modified": "2014-04-15T15:38:43", "published": "2014-04-15T15:38:43", "id": "FEDORA:2D85421A4C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: squid-3.3.12-1.fc19", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:07", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7141", "CVE-2014-0128", "CVE-2014-7142"], "description": "### Background\n\nSquid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. \n\n### Description\n\nAn assertion failure in the processing of SSL-Bump has been found in Squid. A heap-based overflow was discovered in the processing of SNMP requests. \n\n### Impact\n\nA remote attacker could send a specially crafted request, possibly resulting in the execution of arbitrary code or a Denial of Service condition. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Squid users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-proxy/squid-3.3.13-r1\"", "edition": 1, "modified": "2014-11-27T00:00:00", "published": "2014-11-27T00:00:00", "id": "GLSA-201411-11", "href": "https://security.gentoo.org/glsa/201411-11", "type": "gentoo", "title": "Squid: Multiple vulnerabilities", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T12:13:39", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7141", "CVE-2015-5400", "CVE-2014-6270", "CVE-2012-5643", "CVE-2016-4051", "CVE-2014-0128", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2013-4115", "CVE-2016-3947", "CVE-2016-2569", "CVE-2013-0188", "CVE-2011-3205", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2011-4096", "CVE-2016-4054", "CVE-2016-2390", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572", "CVE-2014-7142"], "edition": 1, "description": "This update for squid3 fixes the following issues:\n\n - Multiple issues in pinger ICMP processing. 
(CVE-2014-7141,\n CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.\n (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing\n (bsc#979010)\n\n - Fix multiple Denial of Service issues in HTTP Response processing.\n (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,\n bsc#968393, bsc#968394, bsc#968395)\n - Regression caused by the DoS fixes above (bsc#993299)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing\n (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:\n * fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\n", "modified": "2016-08-16T18:08:55", "published": "2016-08-16T18:08:55", "id": "SUSE-SU-2016:2089-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "type": "suse", "title": "Security update for squid3 (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:09:51", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7141", "CVE-2015-5400", "CVE-2014-6270", "CVE-2012-5643", "CVE-2016-4051", "CVE-2014-0128", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2013-4115", "CVE-2016-3947", "CVE-2016-2569", "CVE-2013-0188", "CVE-2011-3205", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2011-4096", "CVE-2016-4054", "CVE-2016-2390", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572", "CVE-2014-7142"], "edition": 1, "description": "This update for squid3 fixes the following issues:\n\n - Multiple issues in pinger ICMP processing. 
(CVE-2014-7141,\n CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.\n (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing\n (bsc#979010)\n\n - fix multiple Denial of Service issues in HTTP Response processing.\n (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,\n bsc#968393, bsc#968394, bsc#968395)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing\n (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:\n * fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\n", "modified": "2016-08-09T17:12:26", "published": "2016-08-09T17:12:26", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "id": "SUSE-SU-2016:1996-1", "title": "Security update for squid3 (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}