OpenAFS 缓冲区错误漏洞

OpenAFS is an OpenAFS open source set of distributed file systems. It allows files and resources to be shared between systems over LANs and WANs. OpenAFS suffers from a buffer error vulnerability that originates from a malicious server that could crash the cache manager and other client utilities...

PT-2024-16244 · Openafs +1 · Openafs +1

Name of the Vulnerable Software and Affected Versions: OpenAFS affected versions not specified Description: A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code. Recommendations: At the moment, there is no information about a newer...

EulerOS 2.0 SP8 : squid (EulerOS-SA-2024-2491)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attac...

squid: vulnerable to a Denial of Service attack against Cache Manager error responses

A flaw was found in Squid, resulting in a potential denial of service attack targeting Cache Manager error responses. This issue enables a trusted client to execute a denial of service by manipulating the generation of error pages for Client Manager reports...

RHEL 9 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - squid: exposure of sensitive information in cache manager CVE-2022-41317 - Rejected reason: DO NOT USE TH...

RHEL 8 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - squid: lack of UID assignment in child process spawning could lead to privileges escalation CVE-2019-1252...

RHEL 8 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - squid: exposure of sensitive information in cache manager CVE-2022-41317 Note that Nessus has not tested for this...

RHEL 9 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - squid: exposure of sensitive information in cache manager CVE-2022-41317 Note that Nessus has not tested for this...

Fedora 39 : squid (2024-bd8c6c6926)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-bd8c6c6926 advisory. - New squid 6.9 - security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 38 : squid (2024-a414a81d47)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a414a81d47 advisory. - New squid 6.9 - security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

USN-6728-3: Squid vulnerability

USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update. We apologize for the inconvenience...

USN-6728-1 squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-49288 Joshua Rogers discovered that Squ...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Squid vulnerabilities (USN-6728-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6728-1 advisory. Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to caus...

Important: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no know...

MGASA-2024-0102 Updated squid packages fix security vulnerabilities

Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squ...

Debian dsa-5637 : squid - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5637 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5637...

SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2024:0455-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0455-1 advisory. - Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9,...

Medium: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error page...

Medium: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error page...

OESA-2024-1124 squid security update

Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fixes: Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prio...