Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2011:0545
HistoryMay 19, 2011 - 12:00 a.m.

(RHSA-2011:0545) Low: squid security and bug fix update

2011-05-1900:00:00
access.redhat.com
10

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.955 High

EPSS

Percentile

99.2%

JSON

Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects.

It was found that string comparison functions in Squid did not properly
handle the comparisons of NULL and empty strings. A remote, trusted web
client could use this flaw to cause the squid daemon to crash via a
specially-crafted request. (CVE-2010-3072)

This update also fixes the following bugs:

  • A small memory leak in Squid caused multiple “ctx: enter level” messages
    to be logged to “/var/log/squid/cache.log”. This update resolves the memory
    leak. (BZ#666533)

  • This erratum upgrades Squid to upstream version 3.1.10. This upgraded
    version supports the Google Instant service and introduces various code
    improvements. (BZ#639365)

Users of squid should upgrade to this updated package, which resolves these
issues. After installing this update, the squid service will be restarted
automatically.

Related

nessus 13
prion 1
openvas 12
veracode 1
cvelist 1
securityvulns 2
debiancve 1
osv 1
cve 1
freebsd 1
oraclelinux 1
debian 2
ubuntucve 1
gentoo 1
nessus
nessus
openSUSE Security Update : squid3 (openSUSE-SU-2010:0727-1)
2010-10-18 00:00:00
Debian DSA-2111-1 : squid3 - denial of service
2010-09-20 00:00:00
Squid < 3.1.8 / 3.2.0.2 NULL Pointer Dereference Denial of Service
2010-09-28 00:00:00
prion
prion
Null pointer dereference
2010-09-20 21:00:00
openvas
openvas
Mandriva Update for squid MDVSA-2010:187 (squid)
2010-09-27 00:00:00
Squid String Processing NULL Pointer Dereference DoS Vulnerability (SQUID-2010:3)
2010-09-07 00:00:00
Oracle: Security Advisory (ELSA-2011-0545)
2015-10-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:59:14
cvelist
cvelist
CVE-2010-3072
2010-09-20 20:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2111-1] New squid3 packages fix denial of service
2010-09-20 00:00:00
Squid proxy server DoS
2010-09-20 00:00:00
debiancve
debiancve
CVE-2010-3072
2010-09-20 21:00:00
osv
osv
squid3 - denial of service
2010-09-19 00:00:00
cve
cve
CVE-2010-3072
2010-09-20 21:00:00
freebsd
freebsd
squid -- Denial of service vulnerability in request handling
2010-08-30 00:00:00
oraclelinux
oraclelinux
squid security and bug fix update
2011-05-28 00:00:00
debian
debian
[SECURITY] [DSA 2111-1] New squid3 packages fix denial of service
2010-09-19 13:56:18
[BSA-031] Security Update for squid3
2011-04-11 11:38:44
ubuntucve
ubuntucve
CVE-2010-3072
2010-09-20 00:00:00
gentoo
gentoo
Squid: Multiple vulnerabilities
2011-10-26 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.955 High

EPSS

Percentile

99.2%

JSON
Related for RHSA-2011:0545
nessus13prion1openvas12veracode1cvelist1securityvulns2debiancve1osv1cve1freebsd1oraclelinux1debian2ubuntucve1gentoo1