TencentOS Server 4: squid (TSSA-2026:0346)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0346 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Astra Linux - уязвимость в squid

A issue was discovered in Squid before versions 4.15 and 5.x before version 5.0.6. An integer overflow problem allows a remote server to cause a Denial of Service when delivering responses to HTTP Range requests. The issue is triggered by a header that is expected to exist in HTTP traffic, withou...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URNs due to incorrect buffer management. This issue has been fixed in version 6.4. To address this problem, disable URN access...

Astra Linux - уязвимость в squid

SQUID is vulnerable to HTTP request smuggling, which is caused by the laxity of the chunked decoder. This allows a remote attacker to perform Request/Response smuggling beyond the firewall and frontend security systems...

Astra Linux - уязвимость в squid

A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack targeting all clients using the proxy through HTTP Range request processing...

Astra Linux - уязвимость в squid

A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack targeting all clients using the proxy. A client sends an HTTP Range request to trigger this vulnerability...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the Web. Due to a bug related to expired pointer references, Squid versions prior to 6.6 were vulnerable to a Denial of Service attack targeting error responses from the Cache Manager. This vulnerability allowed a trusted client to cause a Denial of Service attack by...

Astra Linux - уязвимость в squid

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, a Denial of Service can occur when processing long Gopher server responses due to improper buffer management...

Astra Linux - уязвимость в squid

A vulnerability was discovered in Squid before versions 4.15 and 5.x before version 5.0.6. Due to incorrect parser validation, this vulnerability allows for a Denial of Service attack against the Cache Manager API. This enables a trusted client to trigger memory leaks, which over time can lead to...

Astra Linux - уязвимость в squid

A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to a buffer-management bug, it allows for a denial of service. When resolving a request using the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that...

Astra Linux - уязвимость в squid

Squid is an open-source caching proxy for the web, supporting HTTP, HTTPS, FTP, and other protocols. Due to a bug related to collapsing data into unsafe values, Squid may be vulnerable to Denial of Service attacks involving HTTP header parsing. This issue allows a remote client or server to cause...

Astra Linux - уязвимость в squid

Versions of Squid before 4.15 and 5.x before 5.0.6 allowed remote servers to cause a denial of service, affecting the availability of all clients through an HTTP response. The issue is triggered by a header that is expected to exist in HTTP traffic, without any malicious intent on the part of the...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the Web. Due to an uncontrolled recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack involving HTTP request parsing. This issue allows a remote client to carr...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. A bug related to incorrect checking of function return values makes Squid vulnerable to Denial of Service attacks targeting its helper process management. This bug has been fixed in Squid version 6.5. Users...

Astra Linux - уязвимость в squid

A issue was discovered in Squid 4.x before 4.15, and in 5.x before 5.0.6. If a remote server sends a certain response header via HTTP or HTTPS, it can lead to a denial of service. This header can potentially appear in legitimate network traffic...

Astra Linux - уязвимость в squid

A issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, sensitive information about clients using the proxy may be exposed through an HTTPS request to an internal cache manager URL. This issue has been fixed in version 5.7...

Astra Linux - уязвимость в squid

Squid is a web proxy cache. Starting from version 3.5.27 and before version 6.8, Squid may be vulnerable to a Denial of Service attack against the HTTP Chunked decoder due to an uncontrolled recursion bug. This issue allows a remote attacker to cause a Denial of Service when sending a crafted,...

Astra Linux - уязвимость в squid

In versions 4.14 and 5.x through 5.0.5, in some configurations, the Squid vulnerability allows information disclosure due to an out-of-bounds read in the WCCP protocol data. This vulnerability can be exploited as part of a chain for remote code execution, as there is no one to stop such attacks...

Astra Linux - уязвимость в squid

A buffer overflow was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers were vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations were sent to a...

TencentOS Server 2: squid (TSSA-2025:1012)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:1012 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...