Fedora Update for squid FEDORA-2016-c614315d29

2017-01-21T00:00:00

Description

The remote host is missing an update for the

{"id": "OPENVAS:1361412562310872285", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for squid FEDORA-2016-c614315d29", "description": "The remote host is missing an update for the ", "published": "2017-01-21T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872285", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["2016-c614315d29", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EGXJIK3U4AHZBWEPDXTJKEYGAHMKL6G"], "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "lastseen": "2019-05-29T18:33:57", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2017:0182", "CESA-2017:0183"]}, {"type": "cve", "idList": ["CVE-2016-10002", "CVE-2016-10003"]}, {"type": "debian", "idList": ["DEBIAN:DLA-763-1:3DF12", "DEBIAN:DLA-763-1:79F4C", "DEBIAN:DSA-3745-1:08505", "DEBIAN:DSA-3745-1:9F55A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-10002", "DEBIANCVE:CVE-2016-10003"]}, {"type": "fedora", "idList": ["FEDORA:9F5B5601C840"]}, {"type": "freebsd", "idList": ["41F8AF15-C8B9-11E6-AE1B-002590263BF5"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/ORACLE-SOLARIS-CVE-2016-10003/"]}, {"type": "nessus", "idList": ["9858.PRM", "CENTOS_RHSA-2017-0182.NASL", "CENTOS_RHSA-2017-0183.NASL", "DEBIAN_DLA-763.NASL", "DEBIAN_DSA-3745.NASL", "EULEROS_SA-2017-1017.NASL", "EULEROS_SA-2017-1018.NASL", "EULEROS_SA-2019-2231.NASL", "EULEROS_SA-2019-2445.NASL", "EULEROS_SA-2019-2666.NASL", "FEDORA_2016-C614315D29.NASL", "FREEBSD_PKG_41F8AF15C8B911E6AE1B002590263BF5.NASL", "OPENSUSE-2017-115.NASL", "OPENSUSE-2017-127.NASL", "ORACLELINUX_ELSA-2017-0182.NASL", "ORACLELINUX_ELSA-2017-0183.NASL", "REDHAT-RHSA-2017-0182.NASL", "REDHAT-RHSA-2017-0183.NASL", "SL_20170124_SQUID34_ON_SL6_X.NASL", "SL_20170124_SQUID_ON_SL7_X.NASL", "SQUID_2016_11.NASL", "SQUID_4_0_17.NASL", "SUSE_SU-2017-0110-1.NASL", "SUSE_SU-2017-0116-1.NASL", "SUSE_SU-2017-0128-1.NASL", "UBUNTU_USN-3192-1.NASL", "VIRTUOZZO_VZLSA-2017-0182.NASL", "VIRTUOZZO_VZLSA-2017-0183.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310106478", "OPENVAS:1361412562310106479", "OPENVAS:1361412562310106480", "OPENVAS:1361412562310106484", "OPENVAS:1361412562310703745", "OPENVAS:1361412562310843044", "OPENVAS:1361412562310871750", "OPENVAS:1361412562310871751", "OPENVAS:1361412562310882645", "OPENVAS:1361412562310882646", "OPENVAS:1361412562311220171017", "OPENVAS:1361412562311220171018", "OPENVAS:1361412562311220192231", "OPENVAS:1361412562311220192445", "OPENVAS:1361412562311220192666", "OPENVAS:703745"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0182", "ELSA-2017-0183"]}, {"type": "redhat", "idList": ["RHSA-2017:0182", "RHSA-2017:0183"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-10002", "RH:CVE-2016-10003"]}, {"type": "ubuntu", "idList": ["USN-3192-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-10002", "UB:CVE-2016-10003"]}], "rev": 4}, "score": {"value": 5.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2017:0182", "CESA-2017:0183"]}, {"type": "cve", "idList": ["CVE-2016-10002", "CVE-2016-10003"]}, {"type": "debian", "idList": ["DEBIAN:DLA-763-1:79F4C", "DEBIAN:DSA-3745-1:08505"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-10002", "DEBIANCVE:CVE-2016-10003"]}, {"type": "fedora", "idList": ["FEDORA:9F5B5601C840"]}, {"type": "freebsd", "idList": ["41F8AF15-C8B9-11E6-AE1B-002590263BF5"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/ORACLE-SOLARIS-CVE-2016-10003/"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2017-0182.NASL", "CENTOS_RHSA-2017-0183.NASL", "DEBIAN_DLA-763.NASL", "DEBIAN_DSA-3745.NASL", "FEDORA_2016-C614315D29.NASL", "FREEBSD_PKG_41F8AF15C8B911E6AE1B002590263BF5.NASL", "ORACLELINUX_ELSA-2017-0182.NASL", "ORACLELINUX_ELSA-2017-0183.NASL", "REDHAT-RHSA-2017-0182.NASL", "REDHAT-RHSA-2017-0183.NASL", "SL_20170124_SQUID34_ON_SL6_X.NASL", "SL_20170124_SQUID_ON_SL7_X.NASL", "UBUNTU_USN-3192-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310106478", "OPENVAS:1361412562310106479", "OPENVAS:1361412562310106480", "OPENVAS:1361412562310106484", "OPENVAS:703745"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0182", "ELSA-2017-0183"]}, {"type": "redhat", "idList": ["RHSA-2017:0182", "RHSA-2017:0183"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-10002", "RH:CVE-2016-10003"]}, {"type": "ubuntu", "idList": ["USN-3192-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-10002", "UB:CVE-2016-10003"]}]}, "exploitation": null, "vulnersScore": 5.4}, "pluginID": "1361412562310872285", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2016-c614315d29\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872285\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-21 05:44:35 +0100 (Sat, 21 Jan 2017)\");\n script_cve_id(\"CVE-2016-10002\", \"CVE-2016-10003\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for squid FEDORA-2016-c614315d29\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-c614315d29\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EGXJIK3U4AHZBWEPDXTJKEYGAHMKL6G\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~4.0.17~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}

{"nessus": [{"lastseen": "2021-08-19T12:38:16", "description": "Versions of Squid 4.0.x prior to 4.0.17, and 3.5.x prior to 3.5.18 are affected by multiple vulnerabilities :\n\n - A flaw exists in the collapsed forwarding functionality in 'client_side_reply.cc' that is triggered as request headers are not properly compared, which can cause the program to deliver responses containing private data to clients it should not have reached. This may allow a remote attacker to gain access to potentially sensitive information from other sessions.\n - A flaw exists in 'client_side_reply.cc' that is triggered during the handling of HTTP conditional requests. This may allow a remote attacker to gain access to potentially sensitive information from other sessions. ", "cvss3": {"score": 3.7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2017-01-09T00:00:00", "type": "nessus", "title": "Squid 3.5.x < 3.5.23 / 4.0.x < 4.0.17 Multiple Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*"], "id": "9858.PRM", "href": "https://www.tenable.com/plugins/nnm/9858", "sourceData": "Binary data 9858.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:14", "description": "Security fix for CVE-2016-10002, CVE-2016-10003\n\n----\n\nVersion update and bugfix of #1392476\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-23T00:00:00", "type": "nessus", "title": "Fedora 25 : 7:squid (2016-c614315d29)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:7:squid", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-C614315D29.NASL", "href": "https://www.tenable.com/plugins/nessus/96670", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-c614315d29.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96670);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10002\", \"CVE-2016-10003\");\n script_xref(name:\"FEDORA\", value:\"2016-c614315d29\");\n\n script_name(english:\"Fedora 25 : 7:squid (2016-c614315d29)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-10002, CVE-2016-10003\n\n----\n\nVersion update and bugfix of #1392476\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-c614315d29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 7:squid package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:7:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"squid-4.0.17-1.fc25\", epoch:\"7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"7:squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:13", "description": "Saulius Lapinskas discovered that Squid incorrectly handled processing HTTP conditional requests. A remote attacker could possibly use this issue to obtain sensitive information related to other clients' browsing sessions. (CVE-2016-10002)\n\nFelix Hassert discovered that Squid incorrectly handled certain HTTP Request headers when using the Collapsed Forwarding feature. A remote attacker could possibly use this issue to obtain sensitive information related to other clients' browsing sessions. This issue only applied to Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10003).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-02-07T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : squid3 vulnerabilities (USN-3192-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:squid3", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3192-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97049", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3192-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97049);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-10002\", \"CVE-2016-10003\");\n script_xref(name:\"USN\", value:\"3192-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : squid3 vulnerabilities (USN-3192-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Saulius Lapinskas discovered that Squid incorrectly handled processing\nHTTP conditional requests. A remote attacker could possibly use this\nissue to obtain sensitive information related to other clients'\nbrowsing sessions. (CVE-2016-10002)\n\nFelix Hassert discovered that Squid incorrectly handled certain HTTP\nRequest headers when using the Collapsed Forwarding feature. A remote\nattacker could possibly use this issue to obtain sensitive information\nrelated to other clients' browsing sessions. This issue only applied\nto Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10003).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3192-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"squid3\", pkgver:\"3.1.19-1ubuntu3.12.04.8\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"squid3\", pkgver:\"3.3.8-1ubuntu6.9\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"squid3\", pkgver:\"3.5.12-1ubuntu7.3\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"squid3\", pkgver:\"3.5.12-1ubuntu8.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:32", "description": "Squid security advisory 2016:10 reports :\n\nDue to incorrect comparison of request headers Squid can deliver responses containing private data to clients it should not have reached.\n\nThis problem allows a remote attacker to discover private and sensitive information about another clients browsing session.\nPotentially including credentials which allow access to further sensitive resources. This problem only affects Squid configured to use the Collapsed Forwarding feature. It is of particular importance for HTTPS reverse-proxy sites with Collapsed Forwarding.\n\nSquid security advisory 2016:11 reports :\n\nDue to incorrect HTTP conditional request handling Squid can deliver responses containing private data to clients it should not have reached.\n\nThis problem allows a remote attacker to discover private and sensitive information about another clients browsing session.\nPotentially including credentials which allow access to further sensitive resources..", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-12-27T00:00:00", "type": "nessus", "title": "FreeBSD : squid -- multiple vulnerabilities (41f8af15-c8b9-11e6-ae1b-002590263bf5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:squid", "p-cpe:/a:freebsd:freebsd:squid-devel", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_41F8AF15C8B911E6AE1B002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/96117", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96117);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-10002\", \"CVE-2016-10003\");\n\n script_name(english:\"FreeBSD : squid -- multiple vulnerabilities (41f8af15-c8b9-11e6-ae1b-002590263bf5)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squid security advisory 2016:10 reports :\n\nDue to incorrect comparison of request headers Squid can deliver\nresponses containing private data to clients it should not have\nreached.\n\nThis problem allows a remote attacker to discover private and\nsensitive information about another clients browsing session.\nPotentially including credentials which allow access to further\nsensitive resources. This problem only affects Squid configured to use\nthe Collapsed Forwarding feature. It is of particular importance for\nHTTPS reverse-proxy sites with Collapsed Forwarding.\n\nSquid security advisory 2016:11 reports :\n\nDue to incorrect HTTP conditional request handling Squid can deliver\nresponses containing private data to clients it should not have\nreached.\n\nThis problem allows a remote attacker to discover private and\nsensitive information about another clients browsing session.\nPotentially including credentials which allow access to further\nsensitive resources..\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215418\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2016_10.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2016_11.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/41f8af15-c8b9-11e6-ae1b-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3deea4cd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"squid>=3.1<3.5.23\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"squid-devel>=4.0<4.0.17\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:24", "description": "This update for squid fixes the following issues :\n\n - CVE-2016-10003: Prevent incorrect forwarding of cached private responses when Collapsed Forwarding feature is enabled. This allowed remote attacker (proxy user) to discover private and sensitive information about another user (bsc#1016169).\n\n - CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168).\n\n - CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-16T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : squid (SUSE-SU-2017:0128-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9749", "CVE-2016-10002", "CVE-2016-10003"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid", "p-cpe:/a:novell:suse_linux:squid-debuginfo", "p-cpe:/a:novell:suse_linux:squid-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0128-1.NASL", "href": "https://www.tenable.com/plugins/nessus/96530", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0128-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96530);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9749\", \"CVE-2016-10002\", \"CVE-2016-10003\");\n\n script_name(english:\"SUSE SLES12 Security Update : squid (SUSE-SU-2017:0128-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid fixes the following issues :\n\n - CVE-2016-10003: Prevent incorrect forwarding of cached\n private responses when Collapsed Forwarding feature is\n enabled. This allowed remote attacker (proxy user) to\n discover private and sensitive information about another\n user (bsc#1016169).\n\n - CVE-2016-10002: Fixed incorrect processing of responses\n to If-None-Modified HTTP conditional requests. This\n allowed responses containing private data to clients it\n should not have reached (bsc#1016168).\n\n - CVE-2014-9749: Prevent nonce replay in Digest\n authentication, preventing the reuse of stale auth\n tokens (bsc#949942).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1016168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1016169\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9749/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10002/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10003/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170128-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?74ae5c60\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-67=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-67=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"squid-3.5.21-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.5.21-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"squid-debugsource-3.5.21-25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:09", "description": "This update for squid fixes the following issues :\n\n - CVE-2016-10003: Prevent incorrect forwarding of cached private responses when Collapsed Forwarding feature is enabled. This allowed remote attacker (proxy user) to discover private and sensitive information about another user (bsc#1016169).\n\n - CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168).\n\n - CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-19T00:00:00", "type": "nessus", "title": "openSUSE Security Update : squid (openSUSE-2017-115)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9749", "CVE-2016-10002", "CVE-2016-10003"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-115.NASL", "href": "https://www.tenable.com/plugins/nessus/96622", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-115.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96622);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9749\", \"CVE-2016-10002\", \"CVE-2016-10003\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-2017-115)\");\n script_summary(english:\"Check for the openSUSE-2017-115 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid fixes the following issues :\n\n - CVE-2016-10003: Prevent incorrect forwarding of cached\n private responses when Collapsed Forwarding feature is\n enabled. This allowed remote attacker (proxy user) to\n discover private and sensitive information about another\n user (bsc#1016169).\n\n - CVE-2016-10002: Fixed incorrect processing of responses\n to If-None-Modified HTTP conditional requests. This\n allowed responses containing private data to clients it\n should not have reached (bsc#1016168).\n\n - CVE-2014-9749: Prevent nonce replay in Digest\n authentication, preventing the reuse of stale auth\n tokens (bsc#949942).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1016168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1016169\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=949942\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"squid-3.5.21-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"squid-debuginfo-3.5.21-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"squid-debugsource-3.5.21-3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:17:37", "description": "According to the version of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.(CVE-2016-10003)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-12-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : squid (EulerOS-SA-2019-2666)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10003"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:squid", "p-cpe:/a:huawei:euleros:squid-migration-script", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2666.NASL", "href": "https://www.tenable.com/plugins/nessus/132201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132201);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10003\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : squid (EulerOS-SA-2019-2666)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the squid packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - Incorrect HTTP Request header comparison in Squid HTTP\n Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16\n results in Collapsed Forwarding feature mistakenly\n identifying some private responses as being suitable\n for delivery to multiple clients.(CVE-2016-10003)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2666\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?68acedda\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-2.2.h4\",\n \"squid-migration-script-3.5.20-2.2.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:36:45", "description": "According to its banner, the version of Squid running on the remote host is 3.x prior to 3.5.23, or 4.x prior to 4.0.17. It is, therefore, affected by an information disclosure vulnerability in the collapsed forwarding feature due to the incorrect comparison of request headers. An unauthenticated, remote attacker can exploit this to disclose potentially sensitive information.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-06-05T00:00:00", "type": "nessus", "title": "Squid 3.5.x < 3.5.23 / 4.x < 4.0.17 Information Disclosure Vulnerability (SQUID-2016:10)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10003"], "modified": "2019-03-27T00:00:00", "cpe": ["cpe:/a:squid-cache:squid"], "id": "SQUID_4_0_17.NASL", "href": "https://www.tenable.com/plugins/nessus/100617", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100617);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/03/27 13:17:50\");\n\n script_cve_id(\"CVE-2016-10003\");\n script_bugtraq_id(94953);\n\n script_name(english:\"Squid 3.5.x < 3.5.23 / 4.x < 4.0.17 Information Disclosure Vulnerability (SQUID-2016:10)\");\n script_summary(english:\"Checks the version of Squid.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.5.23, or 4.x prior to 4.0.17. It is,\ntherefore, affected by an information disclosure vulnerability in\nthe collapsed forwarding feature due to the incorrect comparison of\nrequest headers. An unauthenticated, remote attacker can exploit\nthis to disclose potentially sensitive information.\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_10.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Squid version 3.5.23 or 4.0.17 or later. Alternatively, \napply the vendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10003\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"installed_sw/Squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"http.inc\");\n\napp = \"Squid\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:3128);\n\napp_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);\n\n# Affected versions: Squid 3.5 -> 3.5.22\n# Squid 4.0 -> 4.0.16\n# Fixed in version: Squid 4.0.17, 3.5.23\nconstraints = [\n {\"min_version\":\"3.5\", \"fixed_version\":\"3.5.23\"},\n {\"min_version\":\"4.0\", \"fixed_version\":\"4.0.17\"}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:28", "description": "Saulius Lapinskas from Lithuanian State Social Insurance Fund Board discovered that Squid3, a fully featured web proxy cache, does not properly process responses to If-None-Modified HTTP conditional requests, leading to client-specific Cookie data being leaked to other clients. A remote attacker can take advantage of this flaw to discover private and sensitive information about another clients browsing session.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-12-27T00:00:00", "type": "nessus", "title": "Debian DSA-3745-1 : squid3 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid3", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3745.NASL", "href": "https://www.tenable.com/plugins/nessus/96102", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3745. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96102);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10002\");\n script_xref(name:\"DSA\", value:\"3745\");\n\n script_name(english:\"Debian DSA-3745-1 : squid3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Saulius Lapinskas from Lithuanian State Social Insurance Fund Board\ndiscovered that Squid3, a fully featured web proxy cache, does not\nproperly process responses to If-None-Modified HTTP conditional\nrequests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another clients browsing\nsession.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/squid3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3745\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the squid3 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u4. In addition, this update includes a fix for\n\\#819563.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"squid-cgi\", reference:\"3.4.8-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid-purge\", reference:\"3.4.8-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3\", reference:\"3.4.8-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3-common\", reference:\"3.4.8-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3-dbg\", reference:\"3.4.8-6+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squidclient\", reference:\"3.4.8-6+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:37:02", "description": "According to the version of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : squid (EulerOS-SA-2017-1017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:squid", "p-cpe:/a:huawei:euleros:squid-migration-script", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1017.NASL", "href": "https://www.tenable.com/plugins/nessus/99863", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99863);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10002\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : squid (EulerOS-SA-2017-1017)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the squid packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - It was found that squid did not properly remove\n connection specific headers when answering conditional\n requests using a cached request. A remote attacker\n could send a specially crafted request to an HTTP\n server via the squid proxy and steal private data from\n other connections. (CVE-2016-10002)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1017\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a59ba26d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-2.2\",\n \"squid-migration-script-3.5.20-2.2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:10", "description": "From Red Hat Security Advisory 2017:0183 :\n\nAn update for squid34 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-25T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : squid34 (ELSA-2017-0183)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squid34", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2017-0183.NASL", "href": "https://www.tenable.com/plugins/nessus/96752", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0183 and \n# Oracle Linux Security Advisory ELSA-2017-0183 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96752);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-10002\");\n script_xref(name:\"RHSA\", value:\"2017:0183\");\n\n script_name(english:\"Oracle Linux 6 : squid34 (ELSA-2017-0183)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0183 :\n\nAn update for squid34 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance\nproxy caching server for web clients, supporting FTP, Gopher, and HTTP\ndata objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP\nserver via the squid proxy and steal private data from other\nconnections. (CVE-2016-10002)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-January/006682.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid34 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid34\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"squid34-3.4.14-9.el6_8.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid34\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:10", "description": "An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-25T00:00:00", "type": "nessus", "title": "RHEL 7 : squid (RHSA-2017:0182)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid", "p-cpe:/a:redhat:enterprise_linux:squid-debuginfo", "p-cpe:/a:redhat:enterprise_linux:squid-migration-script", "p-cpe:/a:redhat:enterprise_linux:squid-sysvinit", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2017-0182.NASL", "href": "https://www.tenable.com/plugins/nessus/96754", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0182. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96754);\n script_version(\"3.13\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-10002\");\n script_xref(name:\"RHSA\", value:\"2017:0182\");\n\n script_name(english:\"RHEL 7 : squid (RHSA-2017:0182)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP\nserver via the squid proxy and steal private data from other\nconnections. (CVE-2016-10002)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-10002\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0182\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-3.5.20-2.el7_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-3.5.20-2.el7_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-debuginfo-3.5.20-2.el7_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.5.20-2.el7_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-migration-script-3.5.20-2.el7_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-2.el7_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-sysvinit-3.5.20-2.el7_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-2.el7_3.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-migration-script / squid-sysvinit\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:05", "description": "An update for squid34 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-25T00:00:00", "type": "nessus", "title": "RHEL 6 : squid34 (RHSA-2017:0183)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid34", "p-cpe:/a:redhat:enterprise_linux:squid34-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2017-0183.NASL", "href": "https://www.tenable.com/plugins/nessus/96755", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0183. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96755);\n script_version(\"3.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-10002\");\n script_xref(name:\"RHSA\", value:\"2017:0183\");\n\n script_name(english:\"RHEL 6 : squid34 (RHSA-2017:0183)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for squid34 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance\nproxy caching server for web clients, supporting FTP, Gopher, and HTTP\ndata objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP\nserver via the squid proxy and steal private data from other\nconnections. (CVE-2016-10002)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-10002\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid34 and / or squid34-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid34\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid34-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0183\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"squid34-3.4.14-9.el6_8.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"squid34-3.4.14-9.el6_8.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"squid34-3.4.14-9.el6_8.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"squid34-debuginfo-3.4.14-9.el6_8.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"squid34-debuginfo-3.4.14-9.el6_8.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"squid34-debuginfo-3.4.14-9.el6_8.4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid34 / squid34-debuginfo\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:29:42", "description": "According to its banner, the version of Squid running on the remote host is 3.x after 3.1 and prior to 3.5.23, or 4.x prior to 4.0.17. It is, therefore, affected by an information disclosure vulnerability in the HTTP request processing component due to the incorrect HTTP conditional request handling. An unauthenticated, remote attacker can exploit this to disclose potentially sensitive information.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-12-17T00:00:00", "type": "nessus", "title": "Squid 3.1 < 3.x < 3.5.23 / 4.x < 4.0.17 Information Disclosure Vulnerability (SQUID-2016:11)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2019-10-31T00:00:00", "cpe": ["cpe:/a:squid-cache:squid"], "id": "SQUID_2016_11.NASL", "href": "https://www.tenable.com/plugins/nessus/119721", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119721);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\"CVE-2016-10002\");\n\n script_name(english:\"Squid 3.1 < 3.x < 3.5.23 / 4.x < 4.0.17 Information Disclosure Vulnerability (SQUID-2016:11)\");\n script_summary(english:\"Checks the version of Squid.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.x after 3.1 and prior to 3.5.23, or 4.x prior to 4.0.17. It\nis, therefore, affected by an information disclosure vulnerability in\nthe HTTP request processing component due to the incorrect HTTP\nconditional request handling. An unauthenticated, remote attacker can\nexploit this to disclose potentially sensitive information.\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_11.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Squid version 3.5.23 or 4.0.17 or later. Alternatively,\napply the vendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10002\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/17\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"installed_sw/Squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"http.inc\");\n\napp = \"Squid\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:3128);\n\napp_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);\n\n# Affected versions: Squid 3.1 -> 3.5.22\n# Squid 4.0 -> 4.0.16\n# Fixed in version: Squid 4.0.17, 3.5.23\nconstraints = [\n {\"min_version\":\"3.1\", \"fixed_version\":\"3.5.23\"},\n {\"min_version\":\"4.0\", \"fixed_version\":\"4.0.17\"}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:10", "description": "Security Fix(es) :\n\n - It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-25T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squid34 on SL6.x i386/x86_64 (20170124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squid34", "p-cpe:/a:fermilab:scientific_linux:squid34-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170124_SQUID34_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/96759", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96759);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-10002\");\n\n script_name(english:\"Scientific Linux Security Update : squid34 on SL6.x i386/x86_64 (20170124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - It was found that squid did not properly remove\n connection specific headers when answering conditional\n requests using a cached request. A remote attacker could\n send a specially crafted request to an HTTP server via\n the squid proxy and steal private data from other\n connections. (CVE-2016-10002)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1701&L=scientific-linux-errata&F=&S=&P=10793\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?133cb19e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid34 and / or squid34-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid34\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid34-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"squid34-3.4.14-9.el6_8.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"squid34-debuginfo-3.4.14-9.el6_8.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid34 / squid34-debuginfo\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:08", "description": "From Red Hat Security Advisory 2017:0182 :\n\nAn update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-25T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : squid (ELSA-2017-0182)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squid", "p-cpe:/a:oracle:linux:squid-migration-script", "p-cpe:/a:oracle:linux:squid-sysvinit", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2017-0182.NASL", "href": "https://www.tenable.com/plugins/nessus/96751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0182 and \n# Oracle Linux Security Advisory ELSA-2017-0182 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96751);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-10002\");\n script_xref(name:\"RHSA\", value:\"2017:0182\");\n\n script_name(english:\"Oracle Linux 7 : squid (ELSA-2017-0182)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0182 :\n\nAn update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP\nserver via the squid proxy and steal private data from other\nconnections. (CVE-2016-10002)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-January/006681.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-3.5.20-2.el7_3.2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-2.el7_3.2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-2.el7_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:36:09", "description": "An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-07-13T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : squid / squid-migration-script / squid-sysvinit (VZLSA-2017-0182)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:squid", "p-cpe:/a:virtuozzo:virtuozzo:squid-migration-script", "p-cpe:/a:virtuozzo:virtuozzo:squid-sysvinit", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZLSA-2017-0182.NASL", "href": "https://www.tenable.com/plugins/nessus/101413", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101413);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2016-10002\"\n );\n\n script_name(english:\"Virtuozzo 7 : squid / squid-migration-script / squid-sysvinit (VZLSA-2017-0182)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP\nserver via the squid proxy and steal private data from other\nconnections. (CVE-2016-10002)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0182.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d0ed364f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0182\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid / squid-migration-script / squid-sysvinit package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-2.vl7.2\",\n \"squid-migration-script-3.5.20-2.vl7.2\",\n \"squid-sysvinit-3.5.20-2.vl7.2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:14", "description": "An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-27T00:00:00", "type": "nessus", "title": "CentOS 7 : squid (CESA-2017:0182)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squid", "p-cpe:/a:centos:centos:squid-migration-script", "p-cpe:/a:centos:centos:squid-sysvinit", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2017-0182.NASL", "href": "https://www.tenable.com/plugins/nessus/96810", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0182 and \n# CentOS Errata and Security Advisory 2017:0182 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96810);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-10002\");\n script_xref(name:\"RHSA\", value:\"2017:0182\");\n\n script_name(english:\"CentOS 7 : squid (CESA-2017:0182)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP\nserver via the squid proxy and steal private data from other\nconnections. (CVE-2016-10002)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-January/022252.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f87f8c23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10002\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-3.5.20-2.el7_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-2.el7_3.2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-2.el7_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:36:10", "description": "An update for squid34 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-07-13T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : squid34 (VZLSA-2017-0183)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:squid34", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZLSA-2017-0183.NASL", "href": "https://www.tenable.com/plugins/nessus/101414", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101414);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2016-10002\"\n );\n\n script_name(english:\"Virtuozzo 6 : squid34 (VZLSA-2017-0183)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for squid34 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance\nproxy caching server for web clients, supporting FTP, Gopher, and HTTP\ndata objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP\nserver via the squid proxy and steal private data from other\nconnections. (CVE-2016-10002)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0183.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2528b589\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0183\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid34 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:squid34\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"squid34-3.4.14-9.vl6.4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid34\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:04", "description": "An update for squid34 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-27T00:00:00", "type": "nessus", "title": "CentOS 6 : squid34 (CESA-2017:0183)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squid34", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2017-0183.NASL", "href": "https://www.tenable.com/plugins/nessus/96811", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0183 and \n# CentOS Errata and Security Advisory 2017:0183 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96811);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-10002\");\n script_xref(name:\"RHSA\", value:\"2017:0183\");\n\n script_name(english:\"CentOS 6 : squid34 (CESA-2017:0183)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for squid34 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance\nproxy caching server for web clients, supporting FTP, Gopher, and HTTP\ndata objects.\n\nSecurity Fix(es) :\n\n* It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP\nserver via the squid proxy and steal private data from other\nconnections. (CVE-2016-10002)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-January/022255.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b4ebd55\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid34 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10002\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid34\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"squid34-3.4.14-9.el6_8.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid34\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:15", "description": "Security Fix(es) :\n\n - It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-25T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squid on SL7.x x86_64 (20170124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squid", "p-cpe:/a:fermilab:scientific_linux:squid-debuginfo", "p-cpe:/a:fermilab:scientific_linux:squid-migration-script", "p-cpe:/a:fermilab:scientific_linux:squid-sysvinit", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170124_SQUID_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/96760", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96760);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-10002\");\n\n script_name(english:\"Scientific Linux Security Update : squid on SL7.x x86_64 (20170124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - It was found that squid did not properly remove\n connection specific headers when answering conditional\n requests using a cached request. A remote attacker could\n send a specially crafted request to an HTTP server via\n the squid proxy and steal private data from other\n connections. (CVE-2016-10002)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1701&L=scientific-linux-errata&F=&S=&P=10470\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2ca09a4f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-3.5.20-2.el7_3.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.5.20-2.el7_3.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-2.el7_3.2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-2.el7_3.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:36", "description": "Saulius Lapinskas from Lithuanian State Social Insurance Fund Board discovered that Squid3, a fully featured web proxy cache, does not properly process responses to If-None-Modified HTTP conditional requests, leading to client-specific Cookie data being leaked to other clients. A remote attacker can take advantage of this flaw to discover private and sensitive information about another client's browsing session.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 3.1.20-2.2+deb7u7.\n\nWe recommend that you upgrade your squid3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-12-27T00:00:00", "type": "nessus", "title": "Debian DLA-763-1 : squid3 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid-cgi", "p-cpe:/a:debian:debian_linux:squid3", "p-cpe:/a:debian:debian_linux:squid3-common", "p-cpe:/a:debian:debian_linux:squid3-dbg", "p-cpe:/a:debian:debian_linux:squidclient", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-763.NASL", "href": "https://www.tenable.com/plugins/nessus/96098", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-763-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96098);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10002\");\n\n script_name(english:\"Debian DLA-763-1 : squid3 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Saulius Lapinskas from Lithuanian State Social Insurance Fund Board\ndiscovered that Squid3, a fully featured web proxy cache, does not\nproperly process responses to If-None-Modified HTTP conditional\nrequests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another client's browsing\nsession.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.1.20-2.2+deb7u7.\n\nWe recommend that you upgrade your squid3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/12/msg00039.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/squid3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squidclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"squid-cgi\", reference:\"3.1.20-2.2+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3\", reference:\"3.1.20-2.2+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3-common\", reference:\"3.1.20-2.2+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3-dbg\", reference:\"3.1.20-2.2+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squidclient\", reference:\"3.1.20-2.2+deb7u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:37:11", "description": "According to the version of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : squid (EulerOS-SA-2017-1018)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:squid", "p-cpe:/a:huawei:euleros:squid-migration-script", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1018.NASL", "href": "https://www.tenable.com/plugins/nessus/99864", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99864);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10002\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : squid (EulerOS-SA-2017-1018)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the squid packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - It was found that squid did not properly remove\n connection specific headers when answering conditional\n requests using a cached request. A remote attacker\n could send a specially crafted request to an HTTP\n server via the squid proxy and steal private data from\n other connections. (CVE-2016-10002)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1018\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ece0816c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-2.2\",\n \"squid-migration-script-3.5.20-2.2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:38", "description": "This update for squid3 fixes the following issues :\n\n - CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168)\n\n - CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-12T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : squid3 (SUSE-SU-2017:0110-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9749", "CVE-2016-10002"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2017-0110-1.NASL", "href": "https://www.tenable.com/plugins/nessus/96432", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0110-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96432);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9749\", \"CVE-2016-10002\");\n\n script_name(english:\"SUSE SLES11 Security Update : squid3 (SUSE-SU-2017:0110-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid3 fixes the following issues :\n\n - CVE-2016-10002: Fixed incorrect processing of responses\n to If-None-Modified HTTP conditional requests. This\n allowed responses containing private data to clients it\n should not have reached (bsc#1016168)\n\n - CVE-2014-9749: Prevent nonce replay in Digest\n authentication, preventing the reuse of stale auth\n tokens (bsc#949942)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1016168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9749/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10002/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170110-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92bc9e1a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-squid3-12934=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-squid3-12934=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"squid3-3.1.23-8.16.36.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:10", "description": "This update for squid fixes the following issues :\n\n - CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168)\n\n - CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : squid (openSUSE-2017-127)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9749", "CVE-2016-10002"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2017-127.NASL", "href": "https://www.tenable.com/plugins/nessus/96648", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-127.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96648);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9749\", \"CVE-2016-10002\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-2017-127)\");\n script_summary(english:\"Check for the openSUSE-2017-127 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid fixes the following issues :\n\n - CVE-2016-10002: Fixed incorrect processing of responses\n to If-None-Modified HTTP conditional requests. This\n allowed responses containing private data to clients it\n should not have reached (bsc#1016168)\n\n - CVE-2014-9749: Prevent nonce replay in Digest\n authentication, preventing the reuse of stale auth\n tokens (bsc#949942)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1016168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=949942\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-3.3.14-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-debuginfo-3.3.14-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-debugsource-3.3.14-12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:38:28", "description": "This update for squid fixes the following issues :\n\n - CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168)\n\n - CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2017-01-13T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : squid (SUSE-SU-2017:0116-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9749", "CVE-2016-10002"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid", "p-cpe:/a:novell:suse_linux:squid-debuginfo", "p-cpe:/a:novell:suse_linux:squid-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0116-1.NASL", "href": "https://www.tenable.com/plugins/nessus/96482", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0116-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96482);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9749\", \"CVE-2016-10002\");\n\n script_name(english:\"SUSE SLES12 Security Update : squid (SUSE-SU-2017:0116-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid fixes the following issues :\n\n - CVE-2016-10002: Fixed incorrect processing of responses\n to If-None-Modified HTTP conditional requests. This\n allowed responses containing private data to clients it\n should not have reached (bsc#1016168)\n\n - CVE-2014-9749: Prevent nonce replay in Digest\n authentication, preventing the reuse of stale auth\n tokens (bsc#949942)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1016168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9749/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10002/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170116-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84ca372a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-57=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-3.3.14-22.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-debuginfo-3.3.14-22.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-debugsource-3.3.14-22.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:18:07", "description": "According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.(CVE-2016-10003)\n\n - Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.(CVE-2018-19131)\n\n - Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.(CVE-2018-19132)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : squid (EulerOS-SA-2019-2231)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10003", "CVE-2018-19131", "CVE-2018-19132"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:squid", "p-cpe:/a:huawei:euleros:squid-migration-script", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2231.NASL", "href": "https://www.tenable.com/plugins/nessus/130693", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130693);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10003\",\n \"CVE-2018-19131\",\n \"CVE-2018-19132\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : squid (EulerOS-SA-2019-2231)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the squid packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Incorrect HTTP Request header comparison in Squid HTTP\n Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16\n results in Collapsed Forwarding feature mistakenly\n identifying some private responses as being suitable\n for delivery to multiple clients.(CVE-2016-10003)\n\n - Squid before 4.4 has XSS via a crafted X.509\n certificate during HTTP(S) error page generation for\n certificate errors.(CVE-2018-19131)\n\n - Squid before 4.4, when SNMP is enabled, allows a denial\n of service (Memory Leak) via an SNMP\n packet.(CVE-2018-19132)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2231\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d1347fc2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-12.h5.eulerosv2r7\",\n \"squid-migration-script-3.5.20-12.h5.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T17:02:40", "description": "According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.(CVE-2018-19131)\n\n - Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.(CVE-2018-19132)\n\n - Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.(CVE-2016-10003)\n\n - An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.(CVE-2019-12525)\n\n - The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.(CVE-2019-13345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-04T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : squid (EulerOS-SA-2019-2445)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10003", "CVE-2018-19131", "CVE-2018-19132", "CVE-2019-12525", "CVE-2019-13345"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:squid", "p-cpe:/a:huawei:euleros:squid-migration-script", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2445.NASL", "href": "https://www.tenable.com/plugins/nessus/131599", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131599);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10003\",\n \"CVE-2018-19131\",\n \"CVE-2018-19132\",\n \"CVE-2019-12525\",\n \"CVE-2019-13345\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : squid (EulerOS-SA-2019-2445)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the squid packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Squid before 4.4 has XSS via a crafted X.509\n certificate during HTTP(S) error page generation for\n certificate errors.(CVE-2018-19131)\n\n - Squid before 4.4, when SNMP is enabled, allows a denial\n of service (Memory Leak) via an SNMP\n packet.(CVE-2018-19132)\n\n - Incorrect HTTP Request header comparison in Squid HTTP\n Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16\n results in Collapsed Forwarding feature mistakenly\n identifying some private responses as being suitable\n for delivery to multiple clients.(CVE-2016-10003)\n\n - An issue was discovered in Squid 3.3.9 through 3.5.28\n and 4.x through 4.7. When Squid is configured to use\n Digest authentication, it parses the header\n Proxy-Authorization. It searches for certain tokens\n such as domain, uri, and qop. Squid checks if this\n token's value starts with a quote and ends with one. If\n so, it performs a memcpy of its length minus 2. Squid\n never checks whether the value is just a single quote\n (which would satisfy its requirements), leading to a\n memcpy of its length minus 1.(CVE-2019-12525)\n\n - The cachemgr.cgi web module of Squid through 4.7 has\n XSS via the user_name or auth\n parameter.(CVE-2019-13345)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2445\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a5f83c6a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-2.2.h5\",\n \"squid-migration-script-3.5.20-2.2.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Incorrect processing of responses to If-None-Modified HTTP conditional requests leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information (CVE-2016-10002). Incorrect HTTP Request header comparison results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients (CVE-2016-10003). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-12-22T21:41:01", "type": "mageia", "title": "Updated squid packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "modified": "2016-12-22T21:41:01", "id": "MGASA-2016-0423", "href": "https://advisories.mageia.org/MGASA-2016-0423.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntu": [{"lastseen": "2022-01-04T12:18:20", "description": "Saulius Lapinskas discovered that Squid incorrectly handled processing \nHTTP conditional requests. A remote attacker could possibly use this issue \nto obtain sensitive information related to other clients' browsing \nsessions. (CVE-2016-10002)\n\nFelix Hassert discovered that Squid incorrectly handled certain HTTP \nRequest headers when using the Collapsed Forwarding feature. A remote \nattacker could possibly use this issue to obtain sensitive information \nrelated to other clients' browsing sessions. This issue only applied to \nUbuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10003)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-02-06T00:00:00", "type": "ubuntu", "title": "Squid vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10003", "CVE-2016-10002"], "modified": "2017-02-06T00:00:00", "id": "USN-3192-1", "href": "https://ubuntu.com/security/notices/USN-3192-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nSquid security advisory 2016:10 reports:\n\nDue to incorrect comparison of request headers Squid can deliver\n\t responses containing private data to clients it should not have\n\t reached.\nThis problem allows a remote attacker to discover private and\n\t sensitive information about another clients browsing session.\n\t Potentially including credentials which allow access to further\n\t sensitive resources. This problem only affects Squid configured\n\t to use the Collapsed Forwarding feature. It is of particular\n\t importance for HTTPS reverse-proxy sites with Collapsed\n\t Forwarding.\n\nSquid security advisory 2016:11 reports:\n\nDue to incorrect HTTP conditional request handling Squid can\n\t deliver responses containing private data to clients it should not\n\t have reached.\nThis problem allows a remote attacker to discover private and\n\t sensitive information about another clients browsing session.\n\t Potentially including credentials which allow access to further\n\t sensitive resources..\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-16T00:00:00", "type": "freebsd", "title": "squid -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "modified": "2016-12-16T00:00:00", "id": "41F8AF15-C8B9-11E6-AE1B-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/41f8af15-c8b9-11e6-ae1b-002590263bf5.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-20T18:08:36", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: squid-4.0.17-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "modified": "2017-01-20T18:08:36", "id": "FEDORA:9F5B5601C840", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2EGXJIK3U4AHZBWEPDXTJKEYGAHMKL6G/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:34:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-02-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for squid3 USN-3192-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002", "CVE-2016-10003"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843044", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for squid3 USN-3192-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843044\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-07 05:45:34 +0100 (Tue, 07 Feb 2017)\");\n script_cve_id(\"CVE-2016-10002\", \"CVE-2016-10003\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for squid3 USN-3192-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Saulius Lapinskas discovered that Squid\n incorrectly handled processing HTTP conditional requests. A remote attacker\n could possibly use this issue to obtain sensitive information related to other\n clients' browsing sessions. (CVE-2016-10002)\n\nFelix Hassert discovered that Squid incorrectly handled certain HTTP\nRequest headers when using the Collapsed Forwarding feature. A remote\nattacker could possibly use this issue to obtain sensitive information\nrelated to other clients' browsing sessions. This issue only applied to\nUbuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10003)\");\n script_tag(name:\"affected\", value:\"squid3 on Ubuntu 16.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3192-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3192-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.10|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.3.8-1ubuntu6.9\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.5.12-1ubuntu8.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.19-1ubuntu3.12.04.8\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.5.12-1ubuntu7.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:14", "description": "Squid is prone an information disclosure vulnerability.", "cvss3": {}, "published": "2016-12-19T00:00:00", "type": "openvas", "title": "Squid Information Disclosure Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10003"], "modified": "2019-05-10T00:00:00", "id": "OPENVAS:1361412562310106484", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106484", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Information Disclosure Vulnerability (Windows)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squid-cache:squid';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106484\");\n script_version(\"2019-05-10T14:24:23+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-10 14:24:23 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-12-19 14:15:02 +0700 (Mon, 19 Dec 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_cve_id(\"CVE-2016-10003\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Squid Information Disclosure Vulnerability (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_squid_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Squid is prone an information disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to incorrect comparison of request headers Squid can deliver responses\ncontaining private data to clients it should not have reached.\");\n\n script_tag(name:\"impact\", value:\"This problem allows a remote attacker to discover private and sensitive\ninformation about another clients browsing session. Potentially including credentials which allow access to\nfurther sensitive resources.\n\nThis problem only affects Squid configured to use the Collapsed Forwarding feature.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.5.x 4.0.x on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to 3.5.23, 4.0.17 or later.\");\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_10.txt\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_in_range(version: version, test_version: \"3.5.0\", test_version2: \"3.5.22\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.23\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.0.0\", test_version2: \"4.0.16\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.0.17\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:38:01", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2666)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10003"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192666", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192666", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2666\");\n script_version(\"2020-01-23T13:13:12+0000\");\n script_cve_id(\"CVE-2016-10003\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:13:12 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:13:12 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2666)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2666\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2666\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'squid' package(s) announced via the EulerOS-SA-2019-2666 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.(CVE-2016-10003)\");\n\n script_tag(name:\"affected\", value:\"'squid' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.2.h4\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.2.h4\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:46", "description": "Squid is prone an information disclosure vulnerability.", "cvss3": {}, "published": "2016-12-19T00:00:00", "type": "openvas", "title": "Squid Information Disclosure Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10003"], "modified": "2019-05-10T00:00:00", "id": "OPENVAS:1361412562310106480", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Information Disclosure Vulnerability (Linux)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squid-cache:squid';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106480\");\n script_version(\"2019-05-10T14:24:23+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-10 14:24:23 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-12-19 14:15:02 +0700 (Mon, 19 Dec 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_cve_id(\"CVE-2016-10003\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Squid Information Disclosure Vulnerability (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_squid_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Squid is prone an information disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to incorrect comparison of request headers Squid can deliver responses\ncontaining private data to clients it should not have reached.\");\n\n script_tag(name:\"impact\", value:\"This problem allows a remote attacker to discover private and sensitive\ninformation about another clients browsing session. Potentially including credentials which allow access to\nfurther sensitive resources.\n\nThis problem only affects Squid configured to use the Collapsed Forwarding feature.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.5.x 4.0.x on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to 3.5.23, 4.0.17 or later.\");\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_10.txt\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_in_range(version: version, test_version: \"3.5.0\", test_version2: \"3.5.22\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.23\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.0.0\", test_version2: \"4.0.16\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.0.17\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-01-25T00:00:00", "type": "openvas", "title": "RedHat Update for squid RHSA-2017:0182-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871750", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871750", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squid RHSA-2017:0182-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871750\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-25 05:41:58 +0100 (Wed, 25 Jan 2017)\");\n script_cve_id(\"CVE-2016-10002\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for squid RHSA-2017:0182-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching\nserver for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n * It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP server\nvia the squid proxy and steal private data from other connections.\n(CVE-2016-10002)\");\n script_tag(name:\"affected\", value:\"squid on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0182-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00040.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.el7_3.2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.5.20~2.el7_3.2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.el7_3.2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:28", "description": "Saulius Lapinskas from Lithuanian\nState Social Insurance Fund Board discovered that Squid3, a fully featured web\nproxy cache, does not properly process responses to If-None-Modified HTTP\nconditional requests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another clients browsing\nsession.", "cvss3": {}, "published": "2016-12-24T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3745-1 (squid3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703745", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703745", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3745.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3745-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703745\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-10002\");\n script_name(\"Debian Security Advisory DSA 3745-1 (squid3 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-24 00:00:00 +0100 (Sat, 24 Dec 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3745.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"squid3 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 3.4.8-6+deb8u4.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.23-1.\n\nWe recommend that you upgrade your squid3 packages.\");\n script_tag(name:\"summary\", value:\"Saulius Lapinskas from Lithuanian\nState Social Insurance Fund Board discovered that Squid3, a fully featured web\nproxy cache, does not properly process responses to If-None-Modified HTTP\nconditional requests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another clients browsing\nsession.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.4.8-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid-purge\", ver:\"3.4.8-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.4.8-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.4.8-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.4.8-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.4.8-6+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:41:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2017-1018)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171018", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171018", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1018\");\n script_version(\"2020-01-23T10:44:05+0000\");\n script_cve_id(\"CVE-2016-10002\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:44:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:44:05 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2017-1018)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1018\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1018\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'squid' package(s) announced via the EulerOS-SA-2017-1018 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)\");\n\n script_tag(name:\"affected\", value:\"'squid' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-07-25T12:16:51", "description": "Squid is prone an information disclosure vulnerability.", "cvss3": {}, "published": "2016-12-19T00:00:00", "type": "openvas", "title": "Squid Information Disclosure Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2019-07-24T00:00:00", "id": "OPENVAS:1361412562310106478", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Information Disclosure Vulnerability (Windows)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squid-cache:squid';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106478\");\n script_version(\"2019-07-24T08:39:52+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-24 08:39:52 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-12-19 14:15:02 +0700 (Mon, 19 Dec 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_cve_id(\"CVE-2016-10002\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Squid Information Disclosure Vulnerability (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_squid_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Squid is prone an information disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to incorrect HTTP conditional request handling Squid can deliver\nresponses containing private data to clients it should not have reached.\");\n\n script_tag(name:\"impact\", value:\"A remote attacker may discover private and sensitive information about\nanother clients browsing session. Potentially including credentials which allow access to further sensitive\nresources.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.1 until 3.5.22, 4.0 until 4.0.16 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to 3.5.23, 4.0.17 or later.\");\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_11.txt\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version =~ \"^3\\.1\") {\n if (version_is_greater_equal(version: version, test_version: \"3.1.10\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.23\");\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version_in_range(version: version, test_version: \"3.2.0.3\", test_version2: \"3.5.22\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.23\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.0.0\", test_version2: \"4.0.16\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.0.17\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:55:09", "description": "Saulius Lapinskas from Lithuanian\nState Social Insurance Fund Board discovered that Squid3, a fully featured web\nproxy cache, does not properly process responses to If-None-Modified HTTP\nconditional requests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another clients browsing\nsession.", "cvss3": {}, "published": "2016-12-24T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3745-1 (squid3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703745", "href": "http://plugins.openvas.org/nasl.php?oid=703745", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3745.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3745-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703745);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-10002\");\n script_name(\"Debian Security Advisory DSA 3745-1 (squid3 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-12-24 00:00:00 +0100 (Sat, 24 Dec 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3745.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"squid3 on Debian Linux\");\n script_tag(name: \"insight\", value: \"Squid is a high-performance proxy\ncaching server for web clients, supporting FTP, gopher, ICY and HTTP data\nobjects.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 3.4.8-6+deb8u4.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.23-1.\n\nWe recommend that you upgrade your squid3 packages.\");\n script_tag(name: \"summary\", value: \"Saulius Lapinskas from Lithuanian\nState Social Insurance Fund Board discovered that Squid3, a fully featured web\nproxy cache, does not properly process responses to If-None-Modified HTTP\nconditional requests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another clients browsing\nsession.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.4.8-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-purge\", ver:\"3.4.8-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.4.8-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.4.8-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.4.8-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.4.8-6+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:33:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-01-25T00:00:00", "type": "openvas", "title": "RedHat Update for squid34 RHSA-2017:0183-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871751", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871751", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squid34 RHSA-2017:0183-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871751\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-25 05:41:59 +0100 (Wed, 25 Jan 2017)\");\n script_cve_id(\"CVE-2016-10002\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for squid34 RHSA-2017:0183-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid34'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The squid34 packages provide version 3.4\nof Squid, a high-performance proxy caching server for web clients, supporting FTP,\nGopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n * It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP server\nvia the squid proxy and steal private data from other connections.\n(CVE-2016-10002)\");\n script_tag(name:\"affected\", value:\"squid34 on\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0183-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00041.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid34\", rpm:\"squid34~3.4.14~9.el6_8.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid34-debuginfo\", rpm:\"squid34-debuginfo~3.4.14~9.el6_8.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:30", "description": "Check the version of squid", "cvss3": {}, "published": "2017-01-27T00:00:00", "type": "openvas", "title": "CentOS Update for squid CESA-2017:0182 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882645", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882645", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squid CESA-2017:0182 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882645\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-27 05:42:23 +0100 (Fri, 27 Jan 2017)\");\n script_cve_id(\"CVE-2016-10002\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for squid CESA-2017:0182 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of squid\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching\nserver for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n * It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP server\nvia the squid proxy and steal private data from other connections.\n(CVE-2016-10002)\");\n script_tag(name:\"affected\", value:\"squid on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0182\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-January/022252.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.el7_3.2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.el7_3.2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-sysvinit\", rpm:\"squid-sysvinit~3.5.20~2.el7_3.2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-07-25T12:18:28", "description": "Squid is prone an information disclosure vulnerability.", "cvss3": {}, "published": "2016-12-19T00:00:00", "type": "openvas", "title": "Squid Information Disclosure Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2019-07-24T00:00:00", "id": "OPENVAS:1361412562310106479", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106479", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Information Disclosure Vulnerability (Linux)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squid-cache:squid';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106479\");\n script_version(\"2019-07-24T08:39:52+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-24 08:39:52 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-12-19 14:15:02 +0700 (Mon, 19 Dec 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_cve_id(\"CVE-2016-10002\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Squid Information Disclosure Vulnerability (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_squid_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Squid is prone an information disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to incorrect HTTP conditional request handling Squid can deliver\nresponses containing private data to clients it should not have reached.\");\n\n script_tag(name:\"impact\", value:\"A remote attacker may discover private and sensitive information about\nanother clients browsing session. Potentially including credentials which allow access to further sensitive\nresources.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.1 until 3.5.22, 4.0 until 4.0.16 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to 3.5.23, 4.0.17 or later.\");\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_11.txt\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version =~ \"^3\\.1\") {\n if (version_is_greater_equal(version: version, test_version: \"3.1.10\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.23\");\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version_in_range(version: version, test_version: \"3.2.0.3\", test_version2: \"3.5.22\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.23\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"4.0.0\", test_version2: \"4.0.16\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.0.17\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:36:06", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2017-1017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171017", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171017", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1017\");\n script_version(\"2020-01-23T10:44:04+0000\");\n script_cve_id(\"CVE-2016-10002\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:44:04 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:44:04 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2017-1017)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1017\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1017\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'squid' package(s) announced via the EulerOS-SA-2017-1017 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)\");\n\n script_tag(name:\"affected\", value:\"'squid' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:33", "description": "Check the version of squid34", "cvss3": {}, "published": "2017-01-27T00:00:00", "type": "openvas", "title": "CentOS Update for squid34 CESA-2017:0183 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10002"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882646", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882646", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squid34 CESA-2017:0183 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882646\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-27 05:42:25 +0100 (Fri, 27 Jan 2017)\");\n script_cve_id(\"CVE-2016-10002\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for squid34 CESA-2017:0183 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of squid34\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The squid34 packages provide version 3.4\nof Squid, a high-performance proxy caching server for web clients, supporting\nFTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n * It was found that squid did not properly remove connection specific\nheaders when answering conditional requests using a cached request. A\nremote attacker could send a specially crafted request to an HTTP server\nvia the squid proxy and steal private data from other connections.\n(CVE-2016-10002)\");\n script_tag(name:\"affected\", value:\"squid34 on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0183\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-January/022255.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid34\", rpm:\"squid34~3.4.14~9.el6_8.4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:39:12", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2231)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19131", "CVE-2016-10003", "CVE-2018-19132"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192231", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192231", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2231\");\n script_version(\"2020-01-23T12:42:11+0000\");\n script_cve_id(\"CVE-2016-10003\", \"CVE-2018-19131\", \"CVE-2018-19132\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:42:11 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:42:11 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2231)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2231\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2231\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'squid' package(s) announced via the EulerOS-SA-2019-2231 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.(CVE-2016-10003)\n\nSquid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.(CVE-2018-19131)\n\nSquid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.(CVE-2018-19132)\");\n\n script_tag(name:\"affected\", value:\"'squid' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~12.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~12.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:35:45", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2445)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19131", "CVE-2019-13345", "CVE-2016-10003", "CVE-2018-19132", "CVE-2019-12525"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192445", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192445", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2445\");\n script_version(\"2020-01-23T12:58:00+0000\");\n script_cve_id(\"CVE-2016-10003\", \"CVE-2018-19131\", \"CVE-2018-19132\", \"CVE-2019-12525\", \"CVE-2019-13345\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:58:00 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:58:00 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2445)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2445\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2445\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'squid' package(s) announced via the EulerOS-SA-2019-2445 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.(CVE-2018-19131)\n\nSquid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.(CVE-2018-19132)\n\nIncorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.(CVE-2016-10003)\n\nAn issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.(CVE-2019-12525)\n\nThe cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.(CVE-2019-13345)\");\n\n script_tag(name:\"affected\", value:\"'squid' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.2.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.2.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2021-09-02T22:51:57", "description": "Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-19T09:17:32", "type": "redhatcve", "title": "CVE-2016-10003", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10003"], "modified": "2020-04-14T19:00:53", "id": "RH:CVE-2016-10003", "href": "https://access.redhat.com/security/cve/cve-2016-10003", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-09-02T22:51:58", "description": "It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-19T09:17:25", "type": "redhatcve", "title": "CVE-2016-10002", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2020-08-18T08:50:59", "id": "RH:CVE-2016-10002", "href": "https://access.redhat.com/security/cve/cve-2016-10002", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2021-12-14T17:52:58", "description": "Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-27T17:59:00", "type": "debiancve", "title": "CVE-2016-10003", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10003"], "modified": "2017-01-27T17:59:00", "id": "DEBIANCVE:CVE-2016-10003", "href": "https://security-tracker.debian.org/tracker/CVE-2016-10003", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-14T17:52:58", "description": "Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-27T17:59:00", "type": "debiancve", "title": "CVE-2016-10002", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2017-01-27T17:59:00", "id": "DEBIANCVE:CVE-2016-10002", "href": "https://security-tracker.debian.org/tracker/CVE-2016-10002", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:44:20", "description": "Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1\nthrough 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding\nfeature mistakenly identifying some private responses as being suitable for\ndelivery to multiple clients.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848491>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-10003", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10003"], "modified": "2017-01-27T00:00:00", "id": "UB:CVE-2016-10003", "href": "https://ubuntu.com/security/CVE-2016-10003", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-11-22T21:44:20", "description": "Incorrect processing of responses to If-None-Modified HTTP conditional\nrequests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22,\nand 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked\nto other clients. Attack requests can easily be crafted by a client to\nprobe a cache for this information.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848493>\n * <http://bugs.squid-cache.org/show_bug.cgi?id=4169>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-10002", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2017-01-27T00:00:00", "id": "UB:CVE-2016-10002", "href": "https://ubuntu.com/security/CVE-2016-10002", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T12:04:26", "description": "Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-27T17:59:00", "type": "cve", "title": "CVE-2016-10003", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10003"], "modified": "2017-02-28T02:37:00", "cpe": ["cpe:/a:squid-cache:squid:4.0.15", "cpe:/a:squid-cache:squid:3.5.0.2", "cpe:/a:squid-cache:squid:4.0.11", "cpe:/a:squid-cache:squid:3.5.4", "cpe:/a:squid-cache:squid:3.5.1", "cpe:/a:squid-cache:squid:3.5.0.4", "cpe:/a:squid-cache:squid:4.0.3", "cpe:/a:squid-cache:squid:4.0.1", "cpe:/a:squid-cache:squid:4.0.14", "cpe:/a:squid-cache:squid:3.5.19", "cpe:/a:squid-cache:squid:4.0.7", "cpe:/a:squid-cache:squid:3.5.12", "cpe:/a:squid-cache:squid:4.0.8", "cpe:/a:squid-cache:squid:3.5.16", "cpe:/a:squid-cache:squid:4.0.4", "cpe:/a:squid-cache:squid:4.0.6", "cpe:/a:squid-cache:squid:3.5.9", "cpe:/a:squid-cache:squid:4.0.9", "cpe:/a:squid-cache:squid:3.5.6", "cpe:/a:squid-cache:squid:4.0.2", "cpe:/a:squid-cache:squid:3.5.20", "cpe:/a:squid-cache:squid:3.5.0.1", "cpe:/a:squid-cache:squid:4.0.12", "cpe:/a:squid-cache:squid:3.5.0.3", "cpe:/a:squid-cache:squid:3.5.7", "cpe:/a:squid-cache:squid:3.5.2", "cpe:/a:squid-cache:squid:3.5.17", "cpe:/a:squid-cache:squid:4.0.16", "cpe:/a:squid-cache:squid:3.5.8", "cpe:/a:squid-cache:squid:3.5.5", "cpe:/a:squid-cache:squid:3.5.13", "cpe:/a:squid-cache:squid:4.0.10", "cpe:/a:squid-cache:squid:3.5.3", "cpe:/a:squid-cache:squid:3.5.18", "cpe:/a:squid-cache:squid:3.5.14", "cpe:/a:squid-cache:squid:3.5.15", "cpe:/a:squid-cache:squid:4.0.13", "cpe:/a:squid-cache:squid:3.5.21", "cpe:/a:squid-cache:squid:3.5.11", "cpe:/a:squid-cache:squid:3.5.22", "cpe:/a:squid-cache:squid:3.5.10", "cpe:/a:squid-cache:squid:4.0.5"], "id": "CVE-2016-10003", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10003", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.20:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.22:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.21:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:04:03", "description": "Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-27T17:59:00", "type": "cve", "title": "CVE-2016-10002", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2018-01-05T02:30:00", "cpe": ["cpe:/a:squid-cache:squid:3.5.0.2", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:squid-cache:squid:3.4.4", "cpe:/a:squid-cache:squid:4.0.14", "cpe:/a:squid-cache:squid:3.5.9", "cpe:/a:squid-cache:squid:3.2.13", "cpe:/a:squid-cache:squid:3.5.6", "cpe:/a:squid-cache:squid:3.1.17", "cpe:/a:squid-cache:squid:3.1.21", "cpe:/a:squid-cache:squid:4.0.12", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.5.5", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.4.6", "cpe:/a:squid-cache:squid:3.5.18", "cpe:/a:squid-cache:squid:3.5.21", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.1.16", "cpe:/a:squid-cache:squid:3.5.1", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.4.9", "cpe:/a:squid-cache:squid:3.5.0.4", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:4.0.3", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:4.0.1", "cpe:/a:squid-cache:squid:3.1.18", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.5.19", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.3.12", "cpe:/a:squid-cache:squid:4.0.4", "cpe:/a:squid-cache:squid:4.0.6", "cpe:/a:squid-cache:squid:3.1.23", "cpe:/a:squid-cache:squid:4.0.9", "cpe:/a:squid-cache:squid:3.3.14", "cpe:/a:squid-cache:squid:4.0.2", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.5.0.3", "cpe:/a:squid-cache:squid:3.5.17", "cpe:/a:squid-cache:squid:3.3.0.1", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:4.0.5", "cpe:/a:squid-cache:squid:3.3.13", "cpe:/a:squid-cache:squid:3.2.14", "cpe:/a:squid-cache:squid:4.0.15", "cpe:/a:squid-cache:squid:3.4.7", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.1.20", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:4.0.7", "cpe:/a:squid-cache:squid:3.5.12", "cpe:/a:squid-cache:squid:4.0.8", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.4.11", "cpe:/a:squid-cache:squid:3.4.8", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.5.20", "cpe:/a:squid-cache:squid:3.4.14", "cpe:/a:squid-cache:squid:3.4.5", "cpe:/a:squid-cache:squid:3.5.0.1", "cpe:/a:squid-cache:squid:3.1.22", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.5.3", "cpe:/a:squid-cache:squid:3.5.14", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:4.0.11", "cpe:/a:squid-cache:squid:3.4.13", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.5.4", "cpe:/a:squid-cache:squid:3.1.19", "cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.4.12", "cpe:/a:squid-cache:squid:3.5.16", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.5.7", "cpe:/a:squid-cache:squid:3.5.2", "cpe:/a:squid-cache:squid:4.0.16", "cpe:/a:squid-cache:squid:3.5.8", "cpe:/a:squid-cache:squid:3.5.13", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:4.0.10", "cpe:/a:squid-cache:squid:3.5.15", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:4.0.13", "cpe:/a:squid-cache:squid:3.4.0.4", "cpe:/a:squid-cache:squid:3.5.11", "cpe:/a:squid-cache:squid:3.5.22", "cpe:/a:squid-cache:squid:3.5.10", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.4.10"], "id": "CVE-2016-10002", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10002", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.20:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.21:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.12:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.22:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.19:*:*:*:*:*:*:*"]}], "oraclelinux": [{"lastseen": "2021-07-28T14:25:02", "description": "[7:3.4.14-9.4]\n- Resolves: #1412733 - CVE-2016-10002 squid34: squid: Information disclosure\n in HTTP request processing", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-24T00:00:00", "type": "oraclelinux", "title": "squid34 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2017-01-24T00:00:00", "id": "ELSA-2017-0183", "href": "http://linux.oracle.com/errata/ELSA-2017-0183.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:24:28", "description": "[7:3.5.20-2.2]\n- Resolves: #1412735 - CVE-2016-10002 squid: Information disclosure in HTTP\n request processing", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-24T00:00:00", "type": "oraclelinux", "title": "squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2017-01-24T00:00:00", "id": "ELSA-2017-0182", "href": "http://linux.oracle.com/errata/ELSA-2017-0182.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "debian": [{"lastseen": "2021-10-21T22:10:11", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3745-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 24, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid3\nCVE ID : CVE-2016-10002\nDebian Bug : 848493\n\nSaulius Lapinskas from Lithuanian State Social Insurance Fund Board\ndiscovered that Squid3, a fully featured web proxy cache, does not\nproperly process responses to If-None-Modified HTTP conditional\nrequests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another clients browsing\nsession.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u4. In addition, this update includes a fix for\n#819563.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.23-1.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-24T04:41:28", "type": "debian", "title": "[SECURITY] [DSA 3745-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2016-12-24T04:41:28", "id": "DEBIAN:DSA-3745-1:9F55A", "href": "https://lists.debian.org/debian-security-announce/2016/msg00329.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-25T17:42:30", "description": "Package : squid3\nVersion : 3.1.20-2.2+deb7u7\nCVE ID : CVE-2016-10002\nDebian Bug : 848493\n\nSaulius Lapinskas from Lithuanian State Social Insurance Fund Board\ndiscovered that Squid3, a fully featured web proxy cache, does not\nproperly process responses to If-None-Modified HTTP conditional\nrequests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another client's browsing\nsession.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n3.1.20-2.2+deb7u7.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-25T20:13:13", "type": "debian", "title": "[SECURITY] [DLA 763-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2016-12-25T20:13:13", "id": "DEBIAN:DLA-763-1:79F4C", "href": "https://lists.debian.org/debian-lts-announce/2016/12/msg00039.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-23T21:42:19", "description": "Package : squid3\nVersion : 3.1.20-2.2+deb7u7\nCVE ID : CVE-2016-10002\nDebian Bug : 848493\n\nSaulius Lapinskas from Lithuanian State Social Insurance Fund Board\ndiscovered that Squid3, a fully featured web proxy cache, does not\nproperly process responses to If-None-Modified HTTP conditional\nrequests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another client's browsing\nsession.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n3.1.20-2.2+deb7u7.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-25T20:13:13", "type": "debian", "title": "[SECURITY] [DLA 763-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2016-12-25T20:13:13", "id": "DEBIAN:DLA-763-1:3DF12", "href": "https://lists.debian.org/debian-lts-announce/2016/12/msg00039.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-13T18:13:04", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3745-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 24, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid3\nCVE ID : CVE-2016-10002\nDebian Bug : 848493\n\nSaulius Lapinskas from Lithuanian State Social Insurance Fund Board\ndiscovered that Squid3, a fully featured web proxy cache, does not\nproperly process responses to If-None-Modified HTTP conditional\nrequests, leading to client-specific Cookie data being leaked to other\nclients. A remote attacker can take advantage of this flaw to discover\nprivate and sensitive information about another clients browsing\nsession.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u4. In addition, this update includes a fix for\n#819563.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.23-1.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-24T04:41:28", "type": "debian", "title": "[SECURITY] [DSA 3745-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2016-12-24T04:41:28", "id": "DEBIAN:DSA-3745-1:08505", "href": "https://lists.debian.org/debian-security-announce/2016/msg00329.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2021-10-19T18:37:16", "description": "The squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-24T09:01:46", "type": "redhat", "title": "(RHSA-2017:0183) Moderate: squid34 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2018-06-06T16:24:17", "id": "RHSA-2017:0183", "href": "https://access.redhat.com/errata/RHSA-2017:0183", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T04:46:00", "description": "Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-24T09:01:31", "type": "redhat", "title": "(RHSA-2017:0182) Moderate: squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2018-04-11T23:33:37", "id": "RHSA-2017:0182", "href": "https://access.redhat.com/errata/RHSA-2017:0182", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "centos": [{"lastseen": "2022-02-27T11:51:58", "description": "**CentOS Errata and Security Advisory** CESA-2017:0182\n\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2017-January/059171.html\n\n**Affected packages:**\nsquid\nsquid-migration-script\nsquid-sysvinit\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2017:0182", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-26T21:45:40", "type": "centos", "title": "squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2017-01-26T21:45:40", "id": "CESA-2017:0182", "href": "https://lists.centos.org/pipermail/centos-announce/2017-January/059171.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-27T11:51:58", "description": "**CentOS Errata and Security Advisory** CESA-2017:0183\n\n\nThe squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2017-January/059174.html\n\n**Affected packages:**\nsquid34\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2017:0183", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-26T20:22:31", "type": "centos", "title": "squid34 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10002"], "modified": "2017-01-26T20:22:31", "id": "CESA-2017:0183", "href": "https://lists.centos.org/pipermail/centos-announce/2017-January/059174.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}

Fedora Update for squid FEDORA-2016-c614315d29

Description

Related