81 matches found
squid:4 security update
An update is available for libecap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Squid is a high-performance proxy caching server for web clients, supporting...
Analyze Web-based Network Traffic: squidmagic
Analyze Web-based Network Traffic squidmagic is a tool designed to analyze a web-based network traffic to detect central command and control C&C servers and Malicious site, using Squid proxy server and Spamhaus. Install Ubuntu 16.04 Clone this repo & execute the script squidmagic ./install.sh ✓...
Moderate: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
The vulnerability of the Squid proxy server allows a hacker to cause a service failure.
The vulnerability of the http.cc function in the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to cause a service failure—such as the appearance of an “Assertion failure” message and the termination of the...
[SECURITY] Fedora 20 Update: squid-3.3.13-1.fc20
Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...
squid proxy server buffer overflow
Crash on DNS response parsing...
Squid 3.1.6 DNS Reply Denial of Service
According to its banner, the version of the Squid proxy caching server installed on the remote host is 3.1.6. This version is affected by a denial of service vulnerability that is caused by an assertion failure when contacting IPv4-only DNS resolvers. Note that Nessus has relied only on the versi...
Squid < 3.0.STABLE19 / 3.1.0.14 / 2.6.STABLE23 strListGetItem Function Remote DoS
According to its banner, the version of the Squid proxy caching server installed on the remote host is older than 3.0.STABLE19 / 3.1.0.14 / 2.6.STABLE23. A bug in the 'strListGetItem' function in 'src/HttpHeaderTools.c' can result in an infinite loop when processing a specially crafted auth heade...
squid proxy server DoS
Crash on authentication, crash on DNS reply parsing...
Squid 3.0.STABLE16 / 3.10.11
According to its banner, the version of the Squid proxy caching server installed on the remote host is older than 3.0.STABLE17 or 3.1.0.12. Such versions reportedly use incorrect bounds checking when processing some requests or responses. Squid-2.x releases are not vulnerable. C Tenable Network...
CVE-2008-1167
Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information...
CVE-2008-1167
Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information...
Moderate: Red Hat Security Advisory: squid security update
Updated squid packages that fix a security vulnerability as well as several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HT...
RHEL 4 : squid (RHSA-2006:0052)
The remote Redhat Enterprise Linux 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2006:0052 advisory. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. A denial of service flaw was found i...
squid proxy server access control lists protection bypass
If LDAP authentication is used space can be added to username to bypass ACL restrictuions...
Mandrake Linux Security Advisory : squid (MDKSA-2001:066)
The Squid proxy server has a serious security flaw in versions 2.3.STABLE2 through 2.3.STABLE4. This problem surfaces when Squid is used in httpdaccel mode. If you configure httpaccelwithproxy off then any request to Squid is allowed. Malicious users may use your proxy to portscan remote systems,...
CVE-2001-0843
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service crash via a mkdir-only FTP PUT request...
Squid Proxy Server contains buffer overflow in parsing of the authentication portion of FTP URLs
Overview There is a remotely exploitable buffer overflow in the Squid proxy/cache server. Exploitation of this vulnerability could lead to an intruder gaining a shell on the target Squid server. Description Squid versions 2.3 and 2.4 are vulnerable to a buffer overflow in the code that parses FTP...
Squid 2.0-4 - Cache FTP Proxy URL Buffer Overflow
Squid 2.0-4 - Cache FTP Proxy URL Buffer Overflow // source: https://www.securityfocus.com/bid/4148/info A buffer overflow exists in the Squid proxy server's FTP URL handling. If a user has the ability to use the Squid process to proxy FTP requests, it may be possible for the user make a maliciou...
Squid 2.0-4 - Cache FTP Proxy URL Buffer Overflow
// source: https://www.securityfocus.com/bid/4148/info A buffer overflow exists in the Squid proxy server's FTP URL handling. If a user has the ability to use the Squid process to proxy FTP requests, it may be possible for the user make a malicious request. By sending a custom-crafted ftp:// URL...