15 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-5400
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cachepeer, which allows remote attackers to bypass intended...
SUSE: Security Advisory (SUSE-SU-2016:1996-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2008-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : squid (openSUSE-2016-988)
The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues : - Fixed multiple Denial of Service issues in HTTP Response processing. CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc968392, bsc968393, bsc968394, bsc968395 - CVE-2016-3947: Buffer...
Fedora Update for squid FEDORA-2016-7
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Squid 'cache_peer' Security Bypass Vulnerability (SQUID-2015:2)
Squid is prone to an access bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:squid-cache:squid"; ifdescripti...
Security fix for the ALT Linux 8 package squid version 3.5.10-alt1
Oct. 20, 2015 Alexey Shabalin 3.5.10-alt1 - 3.5.10 - fixed CVE-2015-5400...
CVE-2015-5400
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cachepeer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request...
CVE-2015-5400
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cachepeer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request...
CVE-2015-5400
CVE-2015-5400 affects Squid proxy: Squid versions prior to 3.5.6 fail to properly handle CONNECT method peer responses when configured with cache_peer, allowing remote attackers to bypass access restrictions and access a backend proxy via a CONNECT request. The issue’s root cause is improper hand...
MGASA-2015-0347 Updated squid packages fix CVE-2015-5400
Updated squid packages fix security vulnerability: Alex Rousskov discovered that Squid configured with cachepeer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. In some configurations, it allows remote clients to bypass security in an explicit...
[SECURITY] [DSA 3327-1] squid3 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3327-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 03, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3327-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3327-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 03, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3327-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3327-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 03, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 286-1] squid3 security update
Package : squid3 Version : 3.1.6-1.2+squeeze5 CVE ID : CVE-2015-5400 Debian Bug : 793128 Alex Rousskov discovered that Squid configured with cachepeer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. In some configurations, it allows remote clients ...