1134 matches found

Veracode
added 2024/01/13 7:16 a.m. | 32 views

Uncontrolled Recursion (Denial Of Service)

GVCP in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 is vulnerable to Uncontrolled Recursion. The vulnerability is due to packet injection or crafted capture file resulting in denial of service...

CVSS 7.8 | AI score 6.9 | EPSS 0.01838
Exploits: 1 | References: 6 | Affected Software: 1

Tenable Nessus
added 2024/01/08 12:0 a.m. | 46 views

Amazon Linux 2023 : squid (ALAS2023-2024-467)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-467 advisory. Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a...

CVSS 8.6 | AI score 7.5 | EPSS 0.57627
Exploits: 0 | References: 4

Amazon
added 2024/01/08 12:0 a.m. | 5 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remot...

CVSS 8.6 | AI score 6.7 | EPSS 0.57627
Exploits: 0

Amazon
added 2024/01/08 12:0 a.m. | 3 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remot...

CVSS 8.6 | AI score 6.9 | EPSS 0.57627
Exploits: 0

IBM Security Bulletins
added 2024/01/05 9:34 p.m. | 27 views

Security Bulletin: IBM Storage Ceph is vulnerable to uncontrolled recursion in Golang (CVE-2022-30630)

Summary Golang is used by IBM Storage Ceph as part of RGW and in assorted other locations. CVE-2022-30630 Vulnerability Details CVEID:CVE-2022-30630 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Glob in io/fs due to stack exhaustion. By...

CVSS 7.5 | AI score 7.5 | EPSS 0.01618
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2024/01/04 12:0 a.m. | 36 views

Siemens SIMATIC and SIPLUS Products Uncontrolled Recursion (CVE-2022-47374)

A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...

CVSS 7.5 | AI score 6.9 | EPSS 0.0072
Exploits: 0 | References: 3

Cvelist
added 2024/01/03 7:31 a.m. | 21 views

CVE-2024-0211 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...

CVSS 7.8 | AI score 7.8 | EPSS 0.00543
Exploits: 1 | References: 2

Vulnrichment
added 2024/01/03 7:31 a.m. | 2 views

CVE-2024-0210 Uncontrolled Recursion in Wireshark

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...

CVSS 7.8 | AI score 7.8 | EPSS 0.0047
Exploits: 1 | References: 2

Cvelist
added 2024/01/03 7:31 a.m. | 18 views

CVE-2024-0210 Uncontrolled Recursion in Wireshark

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...

CVSS 7.8 | AI score 7.8 | EPSS 0.0047
Exploits: 1 | References: 2

Cvelist
added 2024/01/03 7:31 a.m. | 26 views

CVE-2024-0208 Improper Handling of Missing Values in Wireshark

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...

CVSS 7.8 | AI score 7.9 | EPSS 0.01838
Exploits: 1 | References: 2

Tenable Nessus
added 2023/12/28 12:0 a.m. | 36 views

Fedora 38 : squid (2023-6317eaa767)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6317eaa767 advisory. - New version 6.6 - Important security fixes - Removed gopher support Tenable has extracted the preceding description block directly from the Fedora...

CVSS 8.6 | AI score 7.6 | EPSS 0.88818
Exploits: 0 | References: 7

Tenable Nessus
added 2023/12/28 12:0 a.m. | 56 views

Fedora 39 : squid (2023-ab77331a34)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ab77331a34 advisory. - New version 6.6 - Important security fixes - Removed gopher support Tenable has extracted the preceding description block directly from the Fedora...

CVSS 8.6 | AI score 7.6 | EPSS 0.88818
Exploits: 0 | References: 7

OSV
added 2023/12/22 11:6 a.m. | 3 views

OESA-2023-1947 squid security update

Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fixes: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2....

CVSS 8.6 | AI score 6.8 | EPSS 0.57627
Exploits: 0 | References: 2

BDU FSTEC
added 2023/12/19 12:0 a.m. | 3 views

The vulnerability of the follow_x_forwarded_for() function in the Squid proxy server allows a hacker to trigger a service failure.

The vulnerability of the follow_x_forwarded_for() function in the Squid proxy server is related to an uncontrolled recursion during the processing of X-Forwarded-For HTTP requests. Exploiting this vulnerability could allow a remote attacker to cause service failures...

CVSS 8.6 | AI score 7.4 | EPSS 0.57627
Exploits: 0 | References: 12 | Affected Software: 5

SUSE CVE
added 2023/12/16 1:43 a.m. | 2 views

SUSE CVE-2023-50269

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to...

CVSS 7.5 | AI score 8.3 | EPSS 0.57627
Exploits: 0 | References: 7

RedhatCVE
added 2023/12/15 5:28 a.m. | 36 views

CVE-2023-50269

A flaw was found in Squid, which is susceptible to a Denial of Service (DoS) due to an Uncontrolled Recursion bug, specifically targeting HTTP Request parsing. Exploiting this issue involves a remote client initiating a DoS attack by sending an oversized X-Forwarded-For header when the...

CVSS 7.5 | AI score 7.8 | EPSS 0.57627
Exploits: 0 | References: 6

Tenable Nessus
added 2023/12/15 12:0 a.m. | 71 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Vim vulnerabilities (USN-6557-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6557-1 advisory. It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly us...

CVSS 7.8 | AI score 7.1 | EPSS 0.01527
Exploits: 8 | References: 16

NVD
added 2023/12/14 6:15 p.m. | 15 views

CVE-2023-50269

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to...

CVSS 8.6 | EPSS 0.57627
Exploits: 0 | References: 7

Prion
added 2023/12/14 6:15 p.m. | 50 views

Design/Logic Flaw

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to...

CVSS 5 | AI score 6.9 | EPSS 0.57627
Exploits: 0 | References: 7 | Affected Software: 1

Vulnrichment
added 2023/12/14 5:9 p.m. | 7 views

CVE-2023-50269 SQUID-2023:10 Denial of Service in HTTP Request parsing

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to...

CVSS 8.6 | AI score 8.4 | EPSS 0.57627
Exploits: 0 | References: 7