MiracleLinux 7 : squid-3.5.20-2.el7 (AXSA:2016-905:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-905:02 advisory. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software,...

Linux Distros Unpatched Vulnerability : CVE-2016-2570

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Edge Side Includes ESI parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP...

RHEL 5 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code...

SUSE: Security Advisory (SUSE-SU-2016:1996-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2008-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2016-1056)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3557-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Squid vulnerabilities (USN-3557-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3557-1 advisory. Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squ...

USN-3557-1: Squid vulnerabilities

Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. CVE-2016-2569 William Lima discovered that Squid incorrect...

Scientific Linux Security Update : squid on SL7.x x86_64 (20161103)

The following packages have been upgraded to a newer upstream version: squid 3.5.20. Security Fixes : - Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid usi...

CentOS 7 : squid (CESA-2016:2600)

An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

openSUSE Security Update : squid (openSUSE-2016-988)

The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues : - Fixed multiple Denial of Service issues in HTTP Response processing. CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc968392, bsc968393, bsc968394, bsc968395 - CVE-2016-3947: Buffer...

Fedora Update for squid FEDORA-2016-b3b9407940

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 23 : 7:squid (2016-b3b9407940)

Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556 ---- Security fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 ---- Security fix for CVE-2016-3947 and CVE-2016-3948 ---- Security fix for CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572 Note tha...

GLSA-201607-01 : Squid: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201607-01 Squid: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. Impact : An attacker can possibly execute arbitrary code or create a...

Mageia: Security Advisory (MGASA-2016-0095)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated squid packages fix security vulnerabilities

Updated squid packages fix security vulnerability: Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses CVE-2016-2569, CVE-2016-2570, CVE-2016-2571...

Squid 3.x < 3.5.15 / 4.x < 4.0.7 Multiple DoS

According to its banner, the version of Squid running on the remote host is 3.x prior to 3.5.15 or 4.x prior to 4.0.7. It is, therefore, potentially affected by multiple denial of service vulnerabilities : - A flaw exists due to not properly appending data to String objects. A remote attacker can...

CVE-2016-2570

The Edge Side Includes ESI parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service assertion failure and daemon exit via a crafted XML document, related to esi/CustomParser.cc and...

CVE-2016-2570

CVE-2016-2570 affects Squid 3.x before 3.5.15 and 4.x before 4.0.7. The Edge Side Includes (ESI) parser does not check buffer limits during XML parsing, allowing remote HTTP servers to trigger a denial of service (assertion failure and daemon exit) with a crafted XML document (esi/CustomParser.cc...