41 matches found
MiracleLinux 4 : squid-3.1.10-22.AXS4 (AXSA:2014-517:03)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-517:03 advisory. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional...
Linux Distros Unpatched Vulnerability : CVE-2014-3609
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service crash via a request with crafted Range...
Debian: Security Advisory (DLA-216-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-45-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0369)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1148)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1147)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2014-433)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-216-1 : squid security update
CVE-2014-3609: Denial of Service in Range header processing. Ignore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid. NOTE: Tenable Network Security has extracted the preceding description block directly fr...
[SECURITY] [DLA 216-1] squid security update
Package : squid Version : 2.7.STABLE9-2.1+deb6u1 CVE ID : CVE-2014-3609 CVE-2014-3609: Denial of Service in Range header processing. Ignore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid...
Mandriva Linux Security Advisory : squid (MDVSA-2015:103)
Updated squid packages fix security vulnerabilities : Due to incorrect state management, Squid before 3.3.12 is vulnerable to a denial of service attack when processing certain HTTPS requests if the SSL-Bump feature is enabled CVE-2014-0128. Matthew Daley discovered that Squid 3 did not properly...
[SECURITY] [DSA 3139-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3139-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 25, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3139-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3139-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 25, 2015 http://www.debian.org/security/faq -...
Fedora Update for squid FEDORA-2014-10794
Check the version of squid SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868397";...
Fedora Update for squid FEDORA-2014-10790
Check the version of squid SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868398";...
Fedora 21 : squid-3.4.7-1.fc21 (2014-9882)
Security fix for CVE-2014-3609 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
openSUSE Security Update : squid (openSUSE-SU-2014:1144-1)
This update fixes the following security issues and bugs with squid : A denial of Service in Range header processing was fixed that could be used by proxy users to crash squid. CVE-2014-3609 Also the following bugs were fixed : - bnc894840: removed unnecessary 'sharedscripts' in squid's logrotate...
SuSE 11.3 Security Update : squid3 (SAT Patch Number 9729)
Squid3 was updated to fix a denial of service in Range Header processing, which would have allowed proxy users to crash the squid proxy process. CVE-2014-3609 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...
Important: squid
Issue Overview: A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. CVE-2014-3609 A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send...
Mandriva Linux Security Advisory : squid (MDVSA-2014:177)
Updated squid packages fix security vulnerability : Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service CVE-2014-3609. %NASLMINLEVEL 70300 C Tenable Network Security,...