27 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-12526
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server ...
CVE-2019-12526
creationtimestamp| type| source ---|---|--- 2024-02-28 11:12:00+00:00| seen| https://t.me/ctinow/195323...
Rocky Linux 8 : squid:4 (RLSA-2020:4743)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4743 advisory. - An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does thi...
Amazon Linux 2 : squid (ALASSQUID4-2023-007)
The version of squid installed on the remote host is prior to 4.10-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-007 advisory. An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTT...
Amazon Linux AMI : squid (ALAS-2023-1774)
The version of squid installed on the remote host is prior to 3.5.20-17.49. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1774 advisory. An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When...
Important: squid
Issue Overview: An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker...
Amazon Linux 2 : squid (ALAS-2023-2081)
The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2081 advisory. An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receivi...
Important: squid
Issue Overview: An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker...
SUSE: Security Advisory (SUSE-SU-2020:14460-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3067-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0661-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RLSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...
ALSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...
Moderate: squid:4 security, bug fix, and enhancement update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...
[SECURITY] [DSA 4682-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4682-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 08, 2020 https://www.debian.org/security/faq -...
Internet Bug Bounty: UrnState Heap Overflow
Summary: When handling a URN Request an attacker controlled response can cause Squid to overflow a heap buffer. The buffer exist within a struct so not only does it allow an attacker to overflow adjacent memory, but also control a pointer that follows the buffer enabling them to free arbitrary...
SUSE SLES12 Security Update : squid (SUSE-SU-2020:0661-1)
This update for squid fixes the following issues : CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. CVE-2019-12526: Fixed potential remote code execution during URN processing bsc1156326. CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI...
Squid Proxy Heap Buffer Overflow (CVE-2019-12526)
A heap buffer overflow vulnerability has been reported in Squid Proxy. Successful exploitation could result in execution of arbitrary code under the security context of the squid process...
Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1133)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1034)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...