Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.30 views

Rocky Linux 8 : squid:4 (RLSA-2019:2593)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2019:2593 advisory. - An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decod...

8.8CVSS7.1AI score0.50454EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.39 views

Mageia: Security Advisory (MGASA-2019-0266)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.74477EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.38 views

CentOS 8 : squid:4 (CESA-2019:2593)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:2593 advisory. - squid: heap-based buffer overflow in HttpHeader::getAuth CVE-2019-12527 Note that Nessus has not tested for this issue but has instead relied only on the...

8.8CVSS7.1AI score0.50454EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2093)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.74477EPSS
Exploits1References2
Mageia
Mageia
added 2019/09/12 7:9 p.m.61 views

Updated squid packages fix security vulnerabilities

Updated squid packages fix security vulnerabilities: It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service CVE-2019-12525. It was discovered that Squid incorrectly handled...

9.8CVSS2.7AI score0.74477EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/09/05 12:0 a.m.41 views

Oracle Linux 8 : squid:4 (ELSA-2019-2593)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2593 advisory. libecap 1.0.1-2 - Resolves: 1696354 - Ensure modular RPM upgrade path squid 7:4.4-5 - Resolves: 1744672 - CVE-2019-12527 squid:4/squid: heap-based buffer overfl...

8.8CVSS7.1AI score0.50454EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/09/03 1:56 a.m.143 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.9AI score0.50454EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2019/09/03 12:0 a.m.42 views

squid:4 security update

libecap 1.0.1-2 - Resolves: 1696354 - Ensure modular RPM upgrade path squid 7:4.4-5 - Resolves: 1744672 - CVE-2019-12527 squid:4/squid: heap-based buffer overflow in HttpHeader::getAuth...

8.8CVSS1.2AI score0.50454EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/09/03 12:0 a.m.48 views

RHEL 8 : squid:4 (RHSA-2019:2593)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2593 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: heap-based...

8.8CVSS7.2AI score0.50454EPSS
Exploits0References4
OSV
OSV
added 2019/09/02 10:22 a.m.26 views

RLSA-2019:2593 Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: heap-based buffer overflow in HttpHeader::getAuth CVE-2019-12527 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

7.5CVSS9.5AI score0.50454EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2019/09/02 10:22 a.m.37 views

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: heap-based buffer overflow in HttpHeader::getAuth CVE-2019-12527 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

8.8CVSS0.8AI score0.50454EPSS
Exploits0References2
Debian
Debian
added 2019/08/24 11:46 a.m.193 views

[SECURITY] [DSA 4507-1] squid security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4507-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 24, 2019 https://www.debian.org/security/faq -...

9.8CVSS9.6AI score0.74477EPSS
Exploits1
Debian
Debian
added 2019/08/24 11:46 a.m.40 views

[SECURITY] [DSA 4507-1] squid security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4507-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 24, 2019 https://www.debian.org/security/faq -...

7.5CVSS2.4AI score0.74477EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/08/14 12:0 a.m.43 views

Fedora 29 : 7:squid (2019-cb50bcc189)

Resolves: 1737030 - Depend on httpd-filesystem ---- Security fix for CVE-2019-12525 CVE-2019-12527 CVE-2019-12529 CVE-2019-12854 . - update to version 4.8 ---- Security fix for CVE-2019-13345. Note that Tenable Network Security has extracted the preceding description block directly from the Fedor...

9.8CVSS6.2AI score0.74477EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2019/07/19 12:0 a.m.43 views

Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-4065-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4065-1 advisory. It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to...

9.8CVSS6.8AI score0.50454EPSS
Exploits0References4
OSV
OSV
added 2019/07/18 5:22 p.m.3 views

USN-4065-1 squid, squid3 vulnerabilities

It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. CVE-2019-12525 It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could use this...

9.8CVSS6.8AI score0.50454EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2019/07/17 12:0 a.m.31 views

[ASA-201907-5] squid: arbitrary code execution

Arch Linux Security Advisory ASA-201907-5 ========================================= Severity: Critical Date : 2019-07-17 CVE-ID : CVE-2019-12527 Package : squid Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1004 Summary ======= The package squid before...

8.8CVSS2.9AI score0.50454EPSS
Exploits0References4
ALT Linux
ALT Linux
added 2019/07/16 12:0 a.m.40 views

Security fix for the ALT Linux 9 package squid version 4.8-alt1

4.8-alt1 built July 16, 2019 Alexey Shabalin in task 234609 --- July 15, 2019 Alexey Shabalin - Updated to 4.8 - Fixes: + CVE-2019-12854 Denial of Service issue in cachemgr.cgi + CVE-2019-12529 Denial of Service in HTTP Basic Authentication + CVE-2019-12525 Denial of Service in HTTP Digest...

7.5CVSS2.4AI score0.74477EPSS
Exploits1
CVE
CVE
added 2019/07/11 6:10 p.m.322 views

CVE-2019-12527

CVE-2019-12527 affects Squid 4.0.23–4.7. The issue arises in Basic Authentication handling: HttpHeader::getAuth decodes the Base64 blob into a fixed-size buffer without confirming decoded length, causing a heap-based buffer overflow with user-controlled data. Some sources note this can lead to re...

8.8CVSS9.2AI score0.50454EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder