Lucene search
K

53 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : squid-3.5.20-17.el7.8 (AXSA:2022-3878:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3878:02 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...

8.6CVSS5.6AI score0.0282EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : squid-5.2-1.el9.2 (AXSA:2022-4089:04)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4089:04 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...

8.6CVSS5.6AI score0.0282EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0166: squid:4 (ALINUX3-SA-2022:0166)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0166 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-41318: RESERVED This candidate has been...

8.6CVSS7.5AI score0.0282EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/06/28 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-6857-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.4AI score0.88864EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2024/06/27 10:48 a.m.72 views

USN-6857-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2021-28651 It was discovered that Squid...

8.6CVSS6.9AI score0.88864EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.24 views

Rocky Linux 9 : squid (RLSA-2022:6839)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6839 advisory. - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer- overflow protection, the SSPI and SMB authentication helpe...

8.6CVSS8AI score0.0282EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.19 views

Amazon Linux 2 : squid (ALASSQUID4-2023-001)

The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2SQUID4-2023-001 advisory. A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerabl...

8.6CVSS7.8AI score0.0282EPSS
Exploits0References4
Amazon
Amazon
added 2023/09/25 12:0 a.m.3 views

Important: squid

Issue Overview: A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure or a denial of service. CVE-2022-41318 Affected Packages: squid Note: This advisory i...

8.6CVSS7AI score0.0282EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2023-1515)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS8.7AI score0.0282EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/08 12:0 a.m.28 views

EulerOS 2.0 SP5 : squid (EulerOS-SA-2023-1515)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer- overflow protection, the SSPI and SMB...

8.6CVSS8AI score0.0282EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.4 views

SUSE CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

8.9CVSS7.2AI score0.0282EPSS
Exploits0References7
Amazon
Amazon
added 2023/02/04 12:0 a.m.30 views

Important: squid

Issue Overview: In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. CVE-2021-46784 A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI an...

8.6CVSS7.6AI score0.0362EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.57 views

Amazon Linux 2 : squid (ALAS-2023-1907)

The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1907 advisory. In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service...

8.6CVSS7.3AI score0.0362EPSS
Exploits0References5
Circl
Circl
added 2022/12/25 10:40 p.m.4 views

CVE-2022-41318

creationtimestamp| type| source ---|---|--- 2022-12-25 22:40:23+00:00| seen| https://t.me/cibsecurity/55318 2025-04-14 18:54:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11685...

8.6CVSS7.7AI score0.0282EPSS
Exploits0References2
NVD
NVD
added 2022/12/25 7:15 p.m.24 views

CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

8.6CVSS0.0282EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/12/25 12:0 a.m.10 views

CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

8.6AI score0.0282EPSS
Exploits0References4
OSV
OSV
added 2022/12/25 12:0 a.m.40 views

CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

8.6CVSS8.4AI score0.0282EPSS
Exploits0References6
CVE
CVE
added 2022/12/25 12:0 a.m.276 views

CVE-2022-41318

CVE-2022-41318 is a vulnerability in Squid’s libntlmauth where a buffer over-read, caused by insufficient integer-overflow protection in the SSPI/SMB authentication helpers, can lead to reading unintended memory and potentially exposing cleartext credentials to a client. Public sources consistent...

8.6CVSS7.8AI score0.0282EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2022/12/25 12:0 a.m.127 views

CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

8.6CVSS8.2AI score0.0282EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/12/22 12:0 a.m.27 views

Fedora 36 : squid (2022-c8cad41c95)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c8cad41c95 advisory. - version update to 5.7. - security fixes CVE-2022-41317 Tenable has extracted the preceding description block directly from the Fedora security...

8.6CVSS7.1AI score0.0282EPSS
Exploits0References3
Rows per page
Query Builder