Lucene search

K
openvas
Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.netOPENVAS:1361412562310703014
HistoryAug 28, 2014 - 12:00 a.m.

Debian Security Advisory DSA 3014-1 (squid3 - security update)

2014-08-2800:00:00
Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net
plugins.openvas.org
6

0.965 High

EPSS

Percentile

99.5%

Matthew Daley discovered that Squid3, a fully featured web proxy cache,
did not properly perform input validation in request parsing. A remote
attacker could use this flaw to mount a denial of service by sending
crafted Range requests.

# OpenVAS Vulnerability Test
# $Id: deb_3014.nasl 14302 2019-03-19 08:28:48Z cfischer $
# Auto-generated from advisory DSA 3014-1 using nvtgen 1.0
# Script version: 1.0
#
# Author:
# Greenbone Networks
#
# Copyright:
# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.703014");
  script_version("$Revision: 14302 $");
  script_cve_id("CVE-2014-3609");
  script_name("Debian Security Advisory DSA 3014-1 (squid3 - security update)");
  script_tag(name:"last_modification", value:"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $");
  script_tag(name:"creation_date", value:"2014-08-28 00:00:00 +0200 (Thu, 28 Aug 2014)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_xref(name:"URL", value:"http://www.debian.org/security/2014/dsa-3014.html");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net");
  script_family("Debian Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB7");
  script_tag(name:"affected", value:"squid3 on Debian Linux");
  script_tag(name:"solution", value:"For the stable distribution (wheezy), this problem has been fixed in
version 3.1.20-2.2+deb7u2.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your squid3 packages.");
  script_tag(name:"summary", value:"Matthew Daley discovered that Squid3, a fully featured web proxy cache,
did not properly perform input validation in request parsing. A remote
attacker could use this flaw to mount a denial of service by sending
crafted Range requests.");
  script_tag(name:"vuldetect", value:"This check tests the installed software version using the apt package manager.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

res = "";
report = "";
if((res = isdpkgvuln(pkg:"squid-cgi", ver:"3.1.20-2.2+deb7u2", rls:"DEB7")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"squid3", ver:"3.1.20-2.2+deb7u2", rls:"DEB7")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"squid3-common", ver:"3.1.20-2.2+deb7u2", rls:"DEB7")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"squid3-dbg", ver:"3.1.20-2.2+deb7u2", rls:"DEB7")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"squidclient", ver:"3.1.20-2.2+deb7u2", rls:"DEB7")) != NULL) {
  report += res;
}

if(report != "") {
  security_message(data:report);
} else if(__pkg_match) {
  exit(99);
}
How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner

0.965 High

EPSS

Percentile

99.5%

Related for OPENVAS:1361412562310703014