89 matches found
[SECURITY] [DSA 1482-1] New squid packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1482-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 05, 2008 http://www.debian.org/security/faq -...
GLSA-200801-05 : Squid: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200801-05 Squid: Denial of Service The Wikimedia Foundation reported a memory leak vulnerability when performing cache updates. Impact : A remote attacker could perform numerous specially crafted requests to the vulnerable server,...
openSUSE 10 Security Update : squid (squid-4779)
This update of squid fixes a denial-of-service bug during cache update reply processing. CVE-2007-6239 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update squid-4779. The text description of this...
SuSE 10 Security Update : squid (ZYPP Patch Number 4782)
This update of squid fixes a denial-of-service bug during cache update reply processing. CVE-2007-6239 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid29824;...
Moderate: squid security update
2.5.STABLE3-8.3E - fix for 410181 - CVE-2007-6239 Squid DoS in cache updates 2.5.STABLE3-7 - resolves: 238103: 'forwardedfor off' in squid.conf does not work...
Fedora 7 : squid-2.6.STABLE16-2.fc7 (2007-4161)
Thu Dec 6 2007 Martin Nagy - 7:2.6.STABLE16-1 - Upstream patch to fix CVE-2007-6239 410181 - Fri Sep 7 2007 Martin Bacovsky - 7:2.6.STABLE16-1 - upgrade to latest upstream 2.6.STABLE14 - Wed Aug 1 2007 Martin Bacovsky - 7:2.6.STABLE14-1 - upgrade to latest upstream 2.6.STABLE14 - Mon Jun 4 2007...
CVE-2007-6239
CVE-2007-6239 affects Squid 2.x up to 2.6.STABLE17 and Squid 3.0. A flaw in cache update reply processing can cause denial of service by exhausting memory (array/memory leak) during requests for cached objects, via remote attackers. The issue is triggered by HTTP header handling and related array...
MailEnable NetWebAdmin Unauthorized Access (ME-10019)
The remote version of MailEnable contains a web-based administration tool that allows a user to login with a blank password. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid23755; scriptversion"1.19";...
CVE-2006-6239
CVE-2006-6239 affects MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32; the webadmin authentication can be bypassed with an empty password, enabling remote access. CVSS v2 base score 7.5 (HIGH). Remediation: apply MailEnable hotfix ME-10019 (as documented by advisories); exploitation ...