Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2020-1134-1.NASLHistoryApr 29, 2020 - 12:00 a.m.
SUSE SLES12 Security Update : squid (SUSE-SU-2020:1134-1)
2020-04-2900:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
8.9 High
AI Score
Confidence
Low
This update for squid to version 4.11 fixes the following issues :
CVE-2020-11945: Fixed a potential remote code execution vulnerability when using HTTP Digest Authentication (bsc#1170313).
CVE-2019-12519, CVE-2019-12521: Fixed incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (bsc#1169659).
CVE-2020-8517: Fixed a possible denial of service caused by incorrect buffer management ext_lm_group_acl when processing NTLM Authentication credentials (bsc#1162691).
CVE-2019-12528: Fixed possible information disclosure when translating FTP server listings into HTTP responses (bsc#1162689).
CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi (bsc#1167373).
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2020:1134-1.
# The text itself is copyright (C) SUSE.
#
include('compat.inc');
if (description)
{
script_id(136081);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/14");
script_cve_id(
"CVE-2019-12519",
"CVE-2019-12521",
"CVE-2019-12528",
"CVE-2019-18860",
"CVE-2020-11945",
"CVE-2020-8517"
);
script_name(english:"SUSE SLES12 Security Update : squid (SUSE-SU-2020:1134-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"This update for squid to version 4.11 fixes the following issues :
CVE-2020-11945: Fixed a potential remote code execution vulnerability
when using HTTP Digest Authentication (bsc#1170313).
CVE-2019-12519, CVE-2019-12521: Fixed incorrect buffer handling that
can result in cache poisoning, remote execution, and denial of service
attacks when processing ESI responses (bsc#1169659).
CVE-2020-8517: Fixed a possible denial of service caused by incorrect
buffer management ext_lm_group_acl when processing NTLM Authentication
credentials (bsc#1162691).
CVE-2019-12528: Fixed possible information disclosure when translating
FTP server listings into HTTP responses (bsc#1162689).
CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi
(bsc#1167373).
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162689");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162691");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167373");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1169659");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1170313");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-12519/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-12521/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-12528/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-18860/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-11945/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8517/");
# https://www.suse.com/support/update/announcement/2020/suse-su-20201134-1/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?36ea22db");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-SP5 :
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1134=1");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-11945");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/04");
script_set_attribute(attribute:"patch_publication_date", value:"2020/04/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/29");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:squid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:squid-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:squid-debugsource");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"5", reference:"squid-4.11-4.9.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"squid-debuginfo-4.11-4.9.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"squid-debugsource-4.11-4.9.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "squid");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | squid | p-cpe:/a:novell:suse_linux:squid |
| novell | suse_linux | squid-debuginfo | p-cpe:/a:novell:suse_linux:squid-debuginfo |
| novell | suse_linux | squid-debugsource | p-cpe:/a:novell:suse_linux:squid-debugsource |
| novell | suse_linux | 12 | cpe:/o:novell:suse_linux:12 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12519
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12521
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12528
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18860
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11945
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8517
www.nessus.org/u?36ea22db
bugzilla.suse.com/show_bug.cgi?id=1162689
bugzilla.suse.com/show_bug.cgi?id=1162691
bugzilla.suse.com/show_bug.cgi?id=1167373
bugzilla.suse.com/show_bug.cgi?id=1169659
bugzilla.suse.com/show_bug.cgi?id=1170313
www.suse.com/security/cve/CVE-2019-12519/
www.suse.com/security/cve/CVE-2019-12521/
www.suse.com/security/cve/CVE-2019-12528/
www.suse.com/security/cve/CVE-2019-18860/
www.suse.com/security/cve/CVE-2020-11945/
www.suse.com/security/cve/CVE-2020-8517/
Related
nessus
nessus
SUSE SLES15 Security Update : squid (SUSE-SU-2020:1156-1)
2020-05-01 00:00:00
openSUSE Security Update : squid (openSUSE-2020-623)
2020-05-11 00:00:00
openvas
openvas
openSUSE: Security Advisory for squid (openSUSE-SU-2020:0623-1)
2020-05-12 00:00:00
Ubuntu: Security Advisory for squid (USN-4356-1)
2020-05-14 00:00:00
Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1666)
2020-06-16 00:00:00
suse
suse
Security update for squid (important)
2020-05-11 00:00:00
Security update for squid (moderate)
2020-03-06 00:00:00
Security update for squid (moderate)
2020-05-03 00:00:00
ubuntu
ubuntu
Squid vulnerabilities
2020-05-13 00:00:00
Squid vulnerabilities
2020-02-20 00:00:00
gentoo
gentoo
Squid: Multiple vulnerabilities
2020-05-12 00:00:00
Squid: Multiple vulnerabilities
2020-03-16 00:00:00
amazon
amazon
Important: squid
2020-06-01 12:25:00
Important: squid
2020-06-23 06:08:00
Important: squid
2020-06-26 22:56:00
redhat
redhat
(RHSA-2020:2038) Important: squid:4 security update
2020-05-06 11:55:10
(RHSA-2020:2039) Important: squid:4 security update
2020-05-06 12:46:24
(RHSA-2020:2040) Important: squid security update
2020-05-06 12:46:17
centos
centos
squid security update
2020-05-21 14:55:03
squid security update
2020-11-06 22:15:00
oraclelinux
oraclelinux
squid security update
2020-05-07 00:00:00
squid:4 security update
2020-05-12 00:00:00
squid:4 security update
2020-09-04 00:00:00
osv
osv
Important: squid:4 security update
2020-05-06 12:52:10
Important: squid:4 security update
2020-05-06 12:52:10
CVE-2019-18860
2020-03-20 21:15:16
rocky
rocky
squid:4 security update
2020-05-06 12:52:10
squid:4 security, bug fix, and enhancement update
2020-11-03 12:32:17
almalinux
almalinux
Important: squid:4 security update
2020-05-06 12:52:10
Moderate: squid:4 security, bug fix, and enhancement update
2020-11-03 12:32:17
fedora
fedora
[SECURITY] Fedora 32 Update: squid-4.11-1.fc32
2020-05-16 03:40:02
[SECURITY] Fedora 31 Update: squid-4.11-1.fc31
2020-05-16 03:11:17
[SECURITY] Fedora 30 Update: squid-4.11-1.fc30
2020-05-16 04:21:08
cve
cve
veracode
veracode
Open Redirection
2020-09-21 06:33:21
Buffer Overflow
2020-09-21 06:36:05
Information Disclosure
2020-08-06 21:32:19
mageia
mageia
Updated squid packages fix security vulnerabilities
2020-02-26 13:21:01
Updated squid packages fix security vulnerability
2020-05-05 15:20:37
freebsd
freebsd
Squid -- multiple vulnerabilities
2020-02-10 00:00:00
prion
prion
Hardcoded credentials
2020-03-20 21:15:00
Stack overflow
2020-04-15 20:15:00
Design/Logic Flaw
2020-04-15 19:15:00
hackerone
hackerone
Internet Bug Bounty: Squid leaks previous content from reusable buffer
2020-03-18 22:01:47
Internet Bug Bounty: Buffer Overflow in ext_lm_group_acl helper
2020-02-04 21:58:53
ubuntucve
ubuntucve
alpinelinux
alpinelinux
redhatcve
redhatcve
debiancve
debiancve
debian
debian
[SECURITY] [DLA 2278-1] squid3 security update
2020-07-10 21:55:24
[SECURITY] [DSA 4682-1] squid security update
2020-05-08 19:10:03
[SECURITY] [DSA 4732-1] squid security update
2020-07-21 19:07:22
cloudlinux
cloudlinux
altlinux
altlinux
Security fix for the ALT Linux 9 package squid version 4.10-alt1
2020-03-16 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1976
2021-07-02 18:10:45
ibm
ibm