Linux Distros Unpatched Vulnerability : CVE-2016-3948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP...

SUSE: Security Advisory (SUSE-SU-2016:1996-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2008-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2016-1056)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3557-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Squid vulnerabilities (USN-3557-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3557-1 advisory. Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squ...

USN-3557-1: Squid vulnerabilities

Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. CVE-2016-2569 William Lima discovered that Squid incorrect...

Scientific Linux Security Update : squid on SL7.x x86_64 (20161103)

The following packages have been upgraded to a newer upstream version: squid 3.5.20. Security Fixes : - Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid usi...

CentOS 7 : squid (CESA-2016:2600)

An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

openSUSE Security Update : squid (openSUSE-2016-988)

The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues : - Fixed multiple Denial of Service issues in HTTP Response processing. CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc968392, bsc968393, bsc968394, bsc968395 - CVE-2016-3947: Buffer...

Fedora Update for squid FEDORA-2016-b3b9407940

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 23 : 7:squid (2016-b3b9407940)

Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556 ---- Security fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 ---- Security fix for CVE-2016-3947 and CVE-2016-3948 ---- Security fix for CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572 Note tha...

Fedora 24 : 7:squid (2016-95edf19d8a)

Bugfix ---- Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556 ---- Security fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 ---- Security fix for CVE-2016-3947 and CVE-2016-3948 Note that Tenable Network Security has extracted the preceding description...

GLSA-201607-01 : Squid: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201607-01 Squid: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. Impact : An attacker can possibly execute arbitrary code or create a...

Squid HTTP Response Processing Denial of Service (CVE-2016-3948)

The vulnerability is due to improper bounds checking while processing HTTP responses. A remote, unauthenticated attacker can exploit this vulnerability by returning crafted HTTP responses to the vulnerable proxy server. Successful exploitation of the vulnerability could lead to denial-of-service...

CVE-2016-3948

Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers...

CVE-2016-3948

CVE-2016-3948 affects Squid 3.x before 3.5.16 and 4.x before 4.0.8, where insufficient bounds checking on HTTP Vary headers allows remote attackers to cause a denial of service via a crafted HTTP response. Related advisories show fixes in newer Squid releases (e.g., 3.5.20 and 4.x series updates)...

Updated squid packages fix security vulnerabilities

Updated squid packages fix security vulnerabilities: Due to a buffer overrun, the Squid pinger binary in Squid before 3.5.16 is vulnerable to a denial of service or information leak attack when processing ICMPv6 packets. This bug also permits the server response to manipulate other ICMP and ICMPv...