24 matches found
SUSE: Security Advisory (SUSE-SU-2013:0327-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:0327-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Solaris Third-Party Patch Update : squid (multiple_vulnerabilities_in_squid)
The remote Solaris system is missing necessary patches to address security updates : - Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service memory consumption...
openSUSE Security Update : squid (openSUSE-SU-2013:1436-1)
This squid update includes several security fixes and minor changes. - squid-2.7.x-bnc829084-CVE-2013-4115-BOrequesthandling. diff Squid advisory SQUID-20132, CVE-2013-4115, bnc829084 Specially crafted http requests can trigger a buffer overflow when squid attempts to resolve an overly long...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0189, CVE-2013-0191. Reason: this identifier was intended for one issue, but it was inadvertently associated with multiple issues. Notes: All CVE users should consult CVE-2013-0189 and CVE-2013-0191 to determine which ID is...
CVE-2013-0188
CVE-2013-0188 is rejected/not used and does not represent an active vulnerability entry.
Mandriva Linux Security Advisory : squid (MDVSA-2013:129)
Updated squid packages fix security vulnerability : Due to missing input validation, the Squid cachemgr.cgi tool in Squid before 3.1.22 and 3.2.4 is vulnerable to a denial of service attack when processing specially crafted requests CVE-2012-5643. It was discovered that the patch for CVE-2012-564...
Fedora Update for squid FEDORA-2013-4063
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 11.2 Security Update : squid3 (SAT Patch Number 7336)
A denial of service problem in Squid3 initiated via invalid Content-Length headers and memory leaks has been fixed. CVE-2012-5643 / CVE-2013-0189, SQUID-2012:1 Also a logrotate permission issue has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
Debian DSA-2631-1 : squid3 - denial of service
Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi : - CVE-2012-5643 squid's cachemgr.cgi was vulnerable to excessive resource use. A remote attacker could exploit this flaw to perform a denial of servi...
[SECURITY] [DSA 2631-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2630-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 24, 2013 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2631-1 (squid3 - denial of service)
Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi: CVE-2012-5643 squid's cachemgr.cgi was vulnerable to excessive resource use. A remote attacker could exploit this flaw to perform a denial of service...
SuSE 11.2 Security Update : squid (SAT Patch Number 7335)
A denial of service problem in Squid via invalid Content-Length headers and memory leaks has been fixed. CVE-2012-5643 / CVE-2013-0189, SQUID-2012:1 Also a logrotate permission issue has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in th...
SuSE 10 Security Update : squid (ZYPP Patch Number 8464)
A denial of service problem in Squid via invalid Content-Length headers and memory leaks has been fixed. CVE-2012-5643 / CVE-2013-0189, SQUID-2012:1 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0;...
DSA-2631-1 squid3 - denial of service
Bulletin has no description...
Fedora Update for squid FEDORA-2013-1616
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for squid FEDORA-2013-1625
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 17 : squid-3.2.5-2.fc17 (2013-1625)
This is security update that fixes multiple memory leaks in cachemgr tool. CVE-2013-0189 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 18 : squid-3.2.5-2.fc18 (2013-1616)
This is security update that fixes multiple memory leaks in cachemgr tool. CVE-2013-0189 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
CVE-2013-0189
cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service resource consumption via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or...