186 matches found
CVE-2021-28652
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short que...
CVE-2021-28652
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short que...
CVE-2021-28652
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short que...
CVE-2021-28652
CVE-2021-28652 concerns Squid before 4.15 and 5.x before 5.0.6. The issue stems from incorrect parser validation, allowing a Denial of Service attack against the Cache Manager API. A trusted client with Cache Manager API access can trigger memory leaks that, over time, lead to a DoS via an unspec...
CVE-2021-28652
A flaw was found in Squid. A parser validation bug could allow a trusted client with Cache Manager API access privileges to trigger memory leaks, potentially resulting in a denial of service against Squid. The highest threat from this vulnerability is to system availability. Mitigation To mitigat...
Denial Of Service (DoS)
squid is vulnerable to denial of service DoS. The vulnerability exists through an improper parser validation, allowing a trusted client to cause memory leaks through the Cache Manager API...
Squid 安全漏洞
Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in Squid. The vulnerability stems from a memory leak caused by incorrect parser...
squid: Improper access restriction in url_regex may lead to security bypass
A flaw was found in squid. The Cache Manager for Squid has rules that, by default, block access to anyone other than the maintainer. An attacker, with the ability to send a properly crafted URL, can bypass the urlregex check and gain access to the blocked resource. The highest threat from this...
CVE-2019-12524
A flaw was found in squid. The Cache Manager for Squid has rules that, by default, block access to anyone other than the maintainer. An attacker, with the ability to send a properly crafted URL, can bypass the urlregex check and gain access to the blocked resource. The highest threat from this...
DEBIAN-CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...
UBUNTU-CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...
Design/Logic Flaw
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...
CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...
CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...
Squid cachemgr.cgi Injection Vulnerability
Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, proxy Internet access, etc. cachemgr.cgi is one of the cache managers. An injection vulnerability exists in versions prior to Squid 4.9. The...
UBUNTU-CVE-2019-18860
Squid before 4.9, when certain web browsers are used, mishandles HTML in the host aka hostname parameter to cachemgr.cgi...
Internet Bug Bounty: Cache Manager ACL Bypass
Summary: ACL Manager can be bypassed giving non authorized users to squid-internal-mgr. Possible to bypass other urlregex, but only focused on manager. with the hostname of the server running squid echo -e "GET https://jeriko.one%252f@:3128/squid-internal-mgr/activerequests HTTP/1.1\r\n\r\n" |nc...
CVE-2019-12527: the Squid buffer overflow resulting in remote code execution vulnerability alerts-a vulnerability alert-the black bar safety net
0x00 vulnerability background 2019 8 November 22, Trend Micro research team published a number of CVE-2019-12527 Squid proxy server buffer overflow vulnerability analysis report, the attacker in without authentication in the case of construction of a data package to exploit this vulnerability...
ALPINE-CVE-2019-13345
The cachemgr.cgi web module of Squid through 4.7 has XSS via the username or auth parameter...
UBUNTU-CVE-2019-13345
The cachemgr.cgi web module of Squid through 4.7 has XSS via the username or auth parameter...