Lucene search
+L

73 matches found

RedHat Linux
RedHat Linux
added 2022/10/05 12:29 p.m.46 views

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.6CVSS7.2AI score0.0282EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/05 12:0 a.m.56 views

RHEL 8 : squid:4 (RHSA-2022:6774)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6774 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid:...

8.6CVSS7.7AI score0.0282EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/10/04 3:22 p.m.37 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.6CVSS7.2AI score0.0282EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/10/04 3:19 p.m.42 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.6CVSS7.2AI score0.0282EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/10/04 2:37 p.m.29 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.6CVSS7.2AI score0.0282EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/10/04 2:37 p.m.5 views

squid: buffer-over-read in SSPI and SMB authentication

A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure...

8.6CVSS6AI score0.0282EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2022/10/04 2:29 p.m.22 views

squid:4 security update

An update is available for squid, libecap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Squid is a high-performance proxy caching server for web clients,...

8.6CVSS8.3AI score0.0282EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2022/10/04 12:0 a.m.37 views

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

8.6CVSS8.4AI score0.0282EPSS
Exploits0References4
OSV
OSV
added 2022/10/01 5:48 p.m.14 views

MGASA-2022-0351 Updated squid packages fix security vulnerability

Exposure of Sensitive Information in Cache Manager. CVE-2022-41317 Buffer Over Read in SSPI and SMB Authentication. CVE-2022-41318...

8.6CVSS7.3AI score0.0282EPSS
Exploits0References5
Mageia
Mageia
added 2022/10/01 5:48 p.m.64 views

Updated squid packages fix security vulnerability

Exposure of Sensitive Information in Cache Manager. CVE-2022-41317 Buffer Over Read in SSPI and SMB Authentication. CVE-2022-41318...

8.6CVSS2.4AI score0.0282EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/09/29 12:0 a.m.23 views

Squid Buffer Overflow Vulnerability (SQUID-2022:2)

Squid is prone to a buffer overflow vulnerability in SSPI and SMB authentication. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

8.6CVSS8.8AI score0.0282EPSS
Exploits0References1
Veracode
Veracode
added 2022/09/26 11:57 p.m.32 views

Buffer Overflow

squid is vulnerable to buffer overflow. The vulnerability exists due to a lack of sanitization of the input in SSPI and SMB Authentication allowing an attacker to corrupt the memory...

8.6CVSS7.9AI score0.0282EPSS
Exploits0References5Affected Software5
Ubuntu
Ubuntu
added 2022/09/26 4:23 p.m.61 views

USN-5641-1: Squid vulnerabilities

Mikhail Evdokimov discovered that Squid incorrectly handled cache manager ACLs. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. CVE-2022-41317 It was discovered that Squid incorrectly handled SSPI an...

8.6CVSS7AI score0.0282EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/26 12:0 a.m.36 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Squid vulnerabilities (USN-5641-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5641-1 advisory. Mikhail Evdokimov discovered that Squid incorrectly handled cache manager ACLs. A remote attacker could possibly use this issue t...

8.6CVSS7.1AI score0.0282EPSS
Exploits0References3
0day.today
0day.today
added 2022/01/08 12:0 a.m.317 views

Microsoft Windows SMB Direct Session Takeover Exploit

This Metasploit module will intercept direct SMB authentication requests to another host, gaining access to an authenticated SMB session if successful. If the connecting user is an administrator and network logins are allowed to the target machine, this module will execute an arbitrary payload. T...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2019/02/15 12:39 p.m.827 views

SSRFmap - Automatic SSRF Fuzzer And Exploitation Tool

SSRF are often used to leverage actions on other services, this framework aims to find and exploit these services easily. SSRFmap takes a Burp request file as input and a parameter to fuzz. Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform...

7.7AI score
Exploits0References3
n0where
n0where
added 2018/02/23 8:8 a.m.1535 views

Oracle Database Attacking Tool: ODAT

ODAT Oracle Database Attacking Tool is an open source penetration testing tool that tests the security of Oracle Databases remotely . Usage examples of ODAT: You have an Oracle database listening remotely and want to find valid SIDs and credentials in order to connect to the database You have a...

7.5CVSS0.5AI score0.77633EPSS
Exploits7References3
n0where
n0where
added 2018/02/23 6:53 a.m.25 views

Microsoft SQL Database Attacking Tool: MSDAT

MSDAT M icro s oft SQL D atabase A ttacking T ool is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely. Usage examples of MSDAT: You have a Microsoft database listening remotely and you want to find valid credentials in order to connect to the...

1AI score
Exploits0References1
OwnCloud
OwnCloud
added 2016/11/10 7:7 p.m.486 views

SMB User Authentication Bypass - ownCloud

ownCloud includes an optional and not by default enabled SMB authentication component that allows to authenticate users against an SMB server. This backend is implemented in a way that it tries to connect to a SMB server and if that succeeded consider the user logged-in. The backend did not...

7.2AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2015/03/24 12:0 a.m.60 views

Powershell Remoting Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit3 'Powershell Remoting Remote Command Execution', 'Description' = %q Uses Powershell Remoting TCP 47001 to inject payload...

7.5CVSS0.6AI score0.63703EPSS
Exploits13
Rows per page
Query Builder