12 matches found
SUSE: Security Advisory (SUSE-SU-2016:2008-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : squid (openSUSE-2016-988)
The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues : - Fixed multiple Denial of Service issues in HTTP Response processing. CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc968392, bsc968393, bsc968394, bsc968395 - CVE-2016-3947: Buffer...
Fedora 22 : libecap-1.0.0-1.fc22 / squid-3.5.10-1.fc22 (2016-7b40eb9e29)
Security fix for CVE-2016-2571, CVE-2016-2572 ---- squid-3.4.13-3.fc22 - Resolves: 1231992 ---- Security fix for 1240741, 1240744 Updated to version 3.4.13, which fixes CVE-2015-3455 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
Fedora Update for squid FEDORA-2016-7
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : squid (ELSA-2015-2378)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2378 advisory. - Resolves: 1233265 - CVE-2015-3455 squid: incorrect X509 server certificate validation Tenable has extracted the preceding description block directly from the...
squid security and bug fix update
7:3.3.8-26 - Related: 1186768 - removing patch, because of missing tests and incorrent patch 7:3.3.8-25 - Related: 1102842 - squid rpm package misses /var/run/squid needed for smp mode. Squid needs write access to /var/run/squid. 7:3.3.8-24 - Related: 1102842 - squid rpm package misses...
RedHat Update for squid RHSA-2015:2378-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : squid (openSUSE-2015-581)
Squid was updated to fix a security issue. If the Squid HTTP Proxy configured with client-first SSL bumping did not correctly validate server certificate. CVE-2015-3455 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
CVE-2015-3455
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid...
UBUNTU-CVE-2015-3455
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid...
CVE-2015-3455
Squid 3.x is affected when configured with client-first SSL-bump: it does not properly validate the domain/hostname in X.509 certificates, allowing man-in-the-middle attackers to spoof SSL servers with a valid certificate. Affected versions are Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4....
Mandriva Linux Security Advisory : squid (MDVSA-2015:230)
Updated squid packages fix security vulnerability : Squid configured with client-first SSL-bump does not correctly validate X509 server certificate domain / hostname fields CVE-2015-3455. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...