168 matches found
Information disclosure
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody...
CVE-2021-28116
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody...
UBUNTU-CVE-2021-28116
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody...
EUVD-2021-14817
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody...
CVE-2021-28116
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody...
CVE-2021-28116
Squid 4.14 and 5.x up to 5.0.5 are affected by an information-disclosure issue due to an out-of-bounds read in WCCP protocol data, which can be chained to remote code execution as nobody. The connected advisories/entries indicate fixes in newer Squid releases (e.g., subsequent 4.15/5.0.6+ variant...
CVE-2021-28116
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody...
CVE-2021-28116
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody...
(0Day) Squid Cache WCCP Protocol Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Squid Cache. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the WCCP protocol. The issue results from the lack of validating the existen...
(0Day) Squid Cache WCCP Protocol Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Squid Cache. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the WCCP protocol. The issue results from the lack of proper...
CVE-2020-5905
In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...
CVE-2020-5905
In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...
Code injection
In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...
CVE-2020-5905
In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...
F5 Networks BIG-IP : TMUI vulnerability (K07051153)
In the BIG-IP Configuration utility Network WCCP page, the system does not sanitize all user-provided data before displaying the page.CVE-2020-5905 Impact Authenticated administrative users with access to this page in the Configuration utility may inject code onto the WCCP pages, resulting in a a...
Updated wireshark packages fix security vulnerabilities
The SIGCOMP dissector could crash CVE-2018-7320. Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB, and WCCP dissectors were susceptible...
Wireshark Security Updates (wnpa-sec-2018-05 to wnpa-sec-2018-14) - Windows
Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...
Wireshark epan/dissectors/packet-wccp.c file denial of service vulnerability
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the epan/dissectors/packet-wccp.c file in Wireshark...
DEBIAN-CVE-2018-7323
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing...
CVE-2018-7323
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing...