5805 matches found

Tenable Nessus
added 2024/01/09 12:0 a.m. · 59 views

CentOS 8 : squid:4 (CESA-2024:0046)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0046 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4...

CVSS 8.6 · AI score 7.3 · EPSS 0.88818
Exploits: 0 · References: 5

RedHat Linux
added 2024/01/08 8:23 a.m. · 1 view

squid: Buffer over-read in the HTTP Message processing feature

A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service...

CVSS 8.6 · AI score 5.9 · EPSS 0.88818
Exploits: 0 · References: 4

RedHat Linux
added 2024/01/08 8:23 a.m. · 4 views

squid: Buffer over-read in the HTTP Message processing feature

A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service...

CVSS 8.6 · AI score 5.9 · EPSS 0.88818
Exploits: 0 · References: 4

Tenable Nessus
added 2024/01/08 12:0 a.m. · 56 views

AlmaLinux 9 : squid (ALSA-2024:0071)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0071 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4...

CVSS 8.6 · AI score 7.3 · EPSS 0.88818
Exploits: 0 · References: 5

Tenable Nessus
added 2024/01/08 12:0 a.m. · 52 views

RHEL 9 : squid (RHSA-2024:0072)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0072 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: DoS...

CVSS 9.8 · AI score 8.1 · EPSS 0.88818
Exploits: 1 · References: 13

Tenable Nessus
added 2024/01/04 12:0 a.m. · 61 views

AlmaLinux 8 : squid:4 (ALSA-2024:0046)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0046 advisory. squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 squid:...

CVSS 8.6 · AI score 7.8 · EPSS 0.88818
Exploits: 0 · References: 5

RedHat Linux
added 2024/01/03 9:13 p.m. · 1 view

squid: Buffer over-read in the HTTP Message processing feature

A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service...

CVSS 8.6 · AI score 5.9 · EPSS 0.88818
Exploits: 0 · References: 4

Tenable Nessus
added 2024/01/03 12:0 a.m. · 71 views

RHEL 8 : squid:4 (RHSA-2024:0046)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0046 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Deni...

CVSS 8.6 · AI score 7.8 · EPSS 0.88818
Exploits: 0 · References: 10

Tenable Nessus
added 2023/12/28 12:0 a.m. · 54 views

Fedora 39 : squid (2023-ab77331a34)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ab77331a34 advisory. - New version 6.6 - Important security fixes - Removed gopher support Tenable has extracted the preceding description block directly from the Fedora...

CVSS 8.6 · AI score 7.6 · EPSS 0.88818
Exploits: 0 · References: 7

Tenable Nessus
added 2023/12/28 12:0 a.m. · 36 views

Fedora 38 : squid (2023-6317eaa767)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6317eaa767 advisory. - New version 6.6 - Important security fixes - Removed gopher support Tenable has extracted the preceding description block directly from the Fedora...

CVSS 8.6 · AI score 7.6 · EPSS 0.88818
Exploits: 0 · References: 7

BDU FSTEC
added 2023/12/27 12:0 a.m. · 2 views

The vulnerability of the analysis component of the DOE-file software for simulation and automation of discrete events in Arena Simulation allows a perpetrator to execute arbitrary code.

The vulnerability of the DOE-file analysis component of the Arena Simulation software for modeling and automating discrete events involves the ability to read beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

CVSS 10 · AI score 7.8 · EPSS 0.0085
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2023/12/26 12:0 a.m. · 2 views

The vulnerability of the LZWDecode function in the libtiff/tif_lzw.c component of the LibTIFF library, which allows a hacker to cause a service failure.

The vulnerability of the LZWDecode function in the libtiff/tif_lzw.c component of the LibTIFF library is related to reading data beyond the allowable buffer limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions through a specially created TIF file...

CVSS 7.1 · AI score 6.8 · EPSS 0.01664
Exploits: 1 · References: 7 · Affected Software: 2

BDU FSTEC
added 2023/12/26 12:0 a.m. · 2 views

The vulnerability of the LZWDecode function in the libtiff/tif_lzw.c component of the LibTIFF library, which allows a hacker to cause a service failure.

The vulnerability of the LZWDecode function in the libtiff/tif_lzw.c component of the LibTIFF library is related to reading data beyond the allowable buffer limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions through a specially created TIF file...

CVSS 7.1 · AI score 6.9 · EPSS 0.01206
Exploits: 1 · References: 7 · Affected Software: 2

Positive Technologies
added 2023/12/25 12:0 a.m. · 2 views

PT-2023-31891 · Unknown · Bacnet Stack

Name of the Vulnerable Software and Affected Versions: BACnet Stack versions prior to 1.3.2 Description: The issue is related to a decode function APDU buffer over-read in the bacapp decode application data function in bacapp.c. This over-read occurs in versions of the BACnet Stack before 1.3.2...

CVSS 9.1 · AI score 7.4 · EPSS 0.01053
Exploits: 0 · References: 8

BDU FSTEC
added 2023/12/25 12:0 a.m. · 5 views

The vulnerability of the sms_decode_address_field() function in the OFono mobile phone stack allows a hacker to execute arbitrary code.

The vulnerability of the sms_decode_address_field function in the OFono mobile phone stack is related to the execution of operations outside the buffer in memory when sending SMS messages in PDU format. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVSS 8.1 · AI score 8.2 · EPSS 0.01006
Exploits: 0 · References: 8 · Affected Software: 3

OSV
added 2023/12/21 6:45 p.m. · 4 views

CLSA-2023-1703184336 Fix CVE(s): CVE-2023-49285, CVE-2023-49286

SECURITY UPDATE: Buffer OverRead in RFC 1123 date/time - debian/patches/CVE-2023-49285.patch: Fix date parsing in RFC 1123 - CVE-2023-49285 SECURITY UPDATE: Denial of Service attack against Helper process management - debian/patches/CVE-2023-49286.patch: Add exit without asserting when helper...

CVSS 8.6 · AI score 7.1 · EPSS 0.88818
Exploits: 0 · References: 1

OSV
added 2023/12/21 6:44 p.m. · 2 views

CLSA-2023-1703184270 Fix CVE(s): CVE-2023-49285, CVE-2023-49286

SECURITY UPDATE: Buffer OverRead in RFC 1123 date/time - debian/patches/CVE-2023-49285.patch: Fix date parsing in RFC 1123 - CVE-2023-49285 SECURITY UPDATE: Denial of Service attack against Helper process management - debian/patches/CVE-2023-49286.patch: Add exit without asserting when helper...

CVSS 8.6 · AI score 7.3 · EPSS 0.88818
Exploits: 0 · References: 1

OSV
added 2023/12/21 6:42 p.m. · 2 views

CLSA-2023-1703184171 squid: Fix of 2 CVEs

CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead - CVE-2023-49286: Fix DoS attack against Helper process management...

CVSS 8.6 · AI score 7.1 · EPSS 0.88818
Exploits: 0 · References: 1

OSV
added 2023/12/21 6:40 p.m. · 2 views

CLSA-2023-1703184036 squid34: Fix of 2 CVEs

CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead - CVE-2023-49286: Fix DoS attack against Helper process management...

CVSS 8.6 · AI score 7.1 · EPSS 0.88818
Exploits: 0 · References: 1

CloudLinux
added 2023/12/21 6:30 p.m. · 30 views

squid: Fix of 2 CVEs

CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead - CVE-2023-49286: Fix DoS attack against Helper process management...

CVSS 8.6 · AI score 7.3 · EPSS 0.88818
Exploits: 0