43 matches found
RHEL 8 : squid:4 (RHSA-2024:1375)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1375 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: deni...
The vulnerability of the HttpStateData() function in the Chunked decoder of the Squid proxy server allows a hacker to induce a service failure.
The vulnerability of the HttpStateData function in the Chunked decoder of the Squid proxy server is related to buffer overflows in the stack due to uncontrolled recursion during HTTP message processing. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Squid Denial of Service Vulnerability (CNVD-2024-13541)
Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A denial of service vulnerability exists in Squid that stems from the presence of a recursion error, which can be...
SUSE CVE-2024-25111
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...
AZL-42511 CVE-2024-25111 affecting package squid 5.7-5
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...
CVE-2024-25111
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...
DEBIAN-CVE-2024-25111
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...
CVE-2024-25111
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...
CVE-2024-25111
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...
CVE-2024-25111
Squid (web proxy cache) is affected by CVE-2024-25111. Affected versions are 3.5.27 up to, but not including, 6.8; the issue is an uncontrolled recursion in the HTTP Chunked decoder that can cause a remote DoS when processing crafted chunked HTTP messages. The vulnerability is fixed in Squid vers...
CVE-2024-25111 SQUID-2024:1 Denial of Service in HTTP Chunked Decoding
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunke...
The vulnerability of Squid’s chunked decoder allows a hacker to interact directly with the server.
The vulnerability of Squid’s chunked proxy server decoder is related to the way the server interprets fragmented encoding syntax. Exploiting this vulnerability allows a remote attacker to interact directly with the server...
Ubuntu: Security Advisory (USN-6500-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6500-1 squid vulnerabilities
Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. CVE-2023-46724 Joshua...
ROS-20231115-01
A vulnerability in the Squid proxy server related to the execution of a "buffer overflow" attack, writing up to 2MB of of arbitrary data to the memory heap when Squid is configured to accept HTTP Digest Authentication. Exploitation of the vulnerability could allow an attacker acting remotely to...
AZL-31905 CVE-2023-46846 affecting package squid 5.7-5
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
SUSE CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
Squid Request/Response Smuggling Vulnerability (GHSA-j83v-w3p4-5cqh, SQUID-2023:1)
Squid is prone to a request/response smuggling vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:squid-cache:squid";...