46 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-4051
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute...
RHEL 5 : squid (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - squid: buffer overflow in cachemgr.cgi CVE-2016-4051 - Squid, when transparent interception mode is...
RHEL 5 : squid (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code...
Debian: Security Advisory (DLA-478-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-556-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2147-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1996-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2008-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2016-1025)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Remote Code Execution (RCE)
squid is vulnerable to remote code execution. It was found that the fix for CVE-2016-4051 released via RHSA-2016:1138 did not properly prevent the stack overflow in the mungeotherline function. A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemg...
Amazon Linux: Security Advisory (ALAS-2016-735)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2016-713)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : squid (SUSE-SU-2016:2147-1)
This update for squid fixes the following issues : - CVE-2016-4051: backport fix buffer overflow in cachemgr.cgi bsc976553 - CVE-2016-4554: backport fix for header smuggling issue in HTTP Request processing bsc979010 Note that Tenable Network Security has extracted the preceding description block...
Squid < 3.5.17, 4.0.9 Multiple Vulnerabilities
Binary data 802013.prm...
Amazon Linux AMI : squid (ALAS-2016-735)
A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacker could possibly use this flaw to execute arbitrary code. CVE-2016-4051 It was found that the fix for CVE-2016-4051 did not...
Medium: squid
Issue Overview: A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacker could possibly use this flaw to execute arbitrary code. CVE-2016-4051 It was found that the fix for...
openSUSE Security Update : squid (openSUSE-2016-988)
The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues : - Fixed multiple Denial of Service issues in HTTP Response processing. CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc968392, bsc968393, bsc968394, bsc968395 - CVE-2016-3947: Buffer...
Stack overflow
Stack-based buffer overflow in the mungeotherline function in cachemgr.cgi in the squid package before 3.1.23-16.el68.6 in Red Hat Enterprise Linux 6 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for...
Fedora Update for squid FEDORA-2016-b3b9407940
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-3625-1 : squid3 - security update
Several security issues have been discovered in the Squid caching proxy. - CVE-2016-4051 : CESG and Yuriy M. Kaminskiy discovered that Squid cachemgr.cgi was vulnerable to a buffer overflow when processing remotely supplied inputs relayed through Squid. - CVE-2016-4052 : CESG discovered that a...