23 matches found
Oracle Linux 5 : squid (ELSA-2010-0221)
The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2010-0221 advisory. - Resolves: 561828 - CVE-2009-2855 CVE-2010-0308 squid various flaws rhel-5.5 Tenable has extracted the preceding description block directly from the...
Oracle: Security Advisory (ELSA-2010-0221)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : squid on SL5.x i386/x86_64
A flaw was found in the way Squid processed certain external ACL helper HTTP header fields that contained a delimiter that was not a comma. A remote attacker could issue a crafted request to the Squid server, causing excessive CPU use up to 100%. CVE-2009-2855 Note: The CVE-2009-2855 issue only...
RHEL 5 : squid (RHSA-2010:0221)
An updated squid package that fixes two security issues and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Squid strListGetItem Denial of Service (CVE-2009-2855)
A denial of service vulnerability exists in the way Squid handles HTTP headers. The vulnerability is due to an infinite loop error when processing HTTP headers containing a specific delimiter character. Remote unauthenticated attackers can exploit this vulnerability by sending specially crafted...
RedHat Update for squid RHSA-2010:0221-04
Check for the Version of squid OpenVAS Vulnerability Test RedHat Update for squid RHSA-2010:0221-04 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
openSUSE Security Update : squid (squid-2144)
The following vulnerabilities have been fixed in squid : - CVE-2009-2855: DoS via special crafted auth header - CVE-2010-0308: DoS via invalid DoS header - CVE-2009-2622: DoS in squid3 via broken HTTP handling - CVE-2009-2621: DoS in squid3 via not enforced 'buffer limits and related bound checks...
SuSE9 Security Update : squid (YOU Patch Number 12597)
The following vulnerabilities have been fixed in squid : - DoS via special crafted auth header. CVE-2009-2855 - DoS via invalid DoS header. CVE-2010-0308 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
openSUSE Security Update : squid (squid-2144)
The following vulnerabilities have been fixed in squid : - CVE-2009-2855: DoS via special crafted auth header - CVE-2010-0308: DoS via invalid DoS header - CVE-2009-2622: DoS in squid3 via broken HTTP handling - CVE-2009-2621: DoS in squid3 via not enforced 'buffer limits and related bound checks...
Debian DSA-1991-1 : squid/squid3 - denial of service
Two denial of service vulnerabilities have been discovered in squid and squid3, a web proxy. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2855 Bastian Blank discovered that it is possible to cause a denial of service via a crafted auth header wit...
Ubuntu: Security Advisory (USN-901-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : squid vulnerabilities (USN-901-1)
It was discovered that Squid incorrectly handled certain auth headers. A remote attacker could exploit this with a specially crafted auth header and cause Squid to go into an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 8.10, 9.04 and 9.10. CVE-2009-2855 It was...
USN-901-1: Squid vulnerabilities
It was discovered that Squid incorrectly handled certain auth headers. A remote attacker could exploit this with a specially-crafted auth header and cause Squid to go into an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 8.10, 9.04 and 9.10. CVE-2009-2855 It was...
Debian: Security Advisory (DSA-1991-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1991-1 [email protected] http://www.debian.org/security/ Steffen Joeris February 04, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1991-1 [email protected] http://www.debian.org/security/ Steffen Joeris February 04, 2010 http://www.debian.org/security/faq -...
DSA-1991-1 squid squid3 - denial of service
Bulletin has no description...
IBM Tivoli Storage Manager Client Multiple Vulnerabilities (swg21405562)
The remote host is running an IBM Tivoli Storage Manager TSM client. The version running on the remote host has one or more of the following vulnerabilities : - A remote stack-based buffer overflow in the client acceptor daemon CAD scheduler could lead to the execution of arbitrary code...
CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function...
CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function...