21 matches found
squid: Fix of 3 CVEs
CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...
Linux Distros Unpatched Vulnerability : CVE-2019-12524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default...
Rocky Linux 8 : squid:4 (RLSA-2020:4743)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4743 advisory. - An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does thi...
Amazon Linux 2 : squid (ALAS-2023-2318)
The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2318 advisory. An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the...
Amazon Linux 2 : squid (ALASSQUID4-2023-010)
The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-010 advisory. 2023-10-12: CVE-2022-41317 was added to this advisory. An issue was discovered in Squid through 4.7 and 5. When receivin...
Amazon Linux 2 : squid (ALASSQUID4-2023-009)
The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-009 advisory. An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can...
SUSE CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...
SUSE: Security Advisory (SUSE-SU-2020:14460-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...
RLSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...
Moderate: squid:4 security, bug fix, and enhancement update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...
Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1884)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4446-1: Squid vulnerabilities
Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. CVE-2019-12520 Jeriko One and Kristoffer Danielsson discovered that Squid...
USN-4446-1 squid3 vulnerabilities
Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. CVE-2019-12520 Jeriko One and Kristoffer Danielsson discovered that Squid...
SUSE SLES12 Security Update : squid (SUSE-SU-2020:1227-1)
This update for squid fixes the following issues : CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses bsc1169659. CVE-2020-11945: fixes a potential remote execution...
[SECURITY] [DSA 4682-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4682-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 08, 2020 https://www.debian.org/security/faq -...
CVE-2019-12524
creationtimestamp| type| source ---|---|--- 2020-04-16 00:14:27+00:00| seen| https://t.me/cibsecurity/11312...
CVE-2019-12524
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...
CVE-2019-12524
CVE-2019-12524 concerns Squid up to version 4.7 where the Cache Manager block relies on a url_regex rule that decodes incoming requests. An attacker can craft an encoded URL to bypass the url_regex check and access the blocked Cache Manager resource. Affects Squid’s request handling path and deco...
Internet Bug Bounty: Cache Poisoning
Summary: An attacker can cause Squid to return to the user attacker controlled data, for any domain. From Squid-4.7 and below both HTTPS and FTP could be poisoned. This is due to Squid URL decoding parts of the Request URL and using that to create a hash. Request that decode to the same URL will...