84 matches found
Debian DSA-3948-1 : ioquake3 - security update
A read buffer overflow was discovered in the idtech3 Quake III Arena family of game engines. This allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted packet. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Debian: Security Advisory (DSA-3948-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-3948
Cross Site Scripting XSS in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint DLP Endpoint 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session...
CVE-2017-3948
Summary: CVE-2017-3948 is a Cross Site Scripting (XSS) vulnerability in the IMG Tags of the ePO extension for McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x. The underlying issue is an XSS in IMG Tags that allows an authenticated user to inject arbitrary web script or HTML via malicio...
CVE-2010-3948
This CVE entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2010-3948
...
Scientific Linux Security Update : squid on SL7.x x86_64 (20161103)
The following packages have been upgraded to a newer upstream version: squid 3.5.20. Security Fixes : - Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid usi...
CentOS 7 : squid (CESA-2016:2600)
An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
openSUSE Security Update : squid (openSUSE-2016-988)
The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues : - Fixed multiple Denial of Service issues in HTTP Response processing. CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc968392, bsc968393, bsc968394, bsc968395 - CVE-2016-3947: Buffer...
Fedora Update for squid FEDORA-2016-b3b9407940
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : 7:squid (2016-95edf19d8a)
Bugfix ---- Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556 ---- Security fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 ---- Security fix for CVE-2016-3947 and CVE-2016-3948 Note that Tenable Network Security has extracted the preceding description...
Fedora 23 : 7:squid (2016-b3b9407940)
Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556 ---- Security fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 ---- Security fix for CVE-2016-3947 and CVE-2016-3948 ---- Security fix for CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572 Note tha...
GLSA-201607-01 : Squid: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201607-01 Squid: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. Impact : An attacker can possibly execute arbitrary code or create a...
Squid HTTP Response Processing Denial of Service (CVE-2016-3948)
The vulnerability is due to improper bounds checking while processing HTTP responses. A remote, unauthenticated attacker can exploit this vulnerability by returning crafted HTTP responses to the vulnerable proxy server. Successful exploitation of the vulnerability could lead to denial-of-service...
CVE-2016-3948
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers...
CVE-2016-3948
CVE-2016-3948 affects Squid 3.x before 3.5.16 and 4.x before 4.0.8, where insufficient bounds checking on HTTP Vary headers allows remote attackers to cause a denial of service via a crafted HTTP response. Related advisories show fixes in newer Squid releases (e.g., 3.5.20 and 4.x series updates)...
Updated squid packages fix security vulnerabilities
Updated squid packages fix security vulnerabilities: Due to a buffer overrun, the Squid pinger binary in Squid before 3.5.16 is vulnerable to a denial of service or information leak attack when processing ICMPv6 packets. This bug also permits the server response to manipulate other ICMP and ICMPv...
CVE-2015-3948
Cross-site scripting XSS vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-3948
Summary : CVE-2015-3948 is a cross-site scripting (XSS) vulnerability in Advantech WebAccess prior to 8.1. The issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. According to NVD, the CVSS base score (v3) is 5.4 (Medium) with network access, lo...
CVE-2015-3948
Cross-site scripting XSS vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...