According to its self-reported version number, the version of Squid installed on the remote host is prior to 4.10. It is, therefore, affected by multiple vulnerabilities:
Due to incorrect data management Squid is vulnerable to a information disclosure when translating FTP server listings into HTTP responses. (CVE-2019-12528)
Due to incorrect input validation Squid can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters. (CVE-2020-8449)
Due to incorrect buffer management a remote client can cause a buffer overflow in a Squid acting as reverse-proxy. (CVE-2020-8450) Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data
Vendor | Product | Version | CPE |
---|---|---|---|
squid-cache | squid | * | cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:* |