28 matches found
MiracleLinux 9 : squid-5.5-6.el9_3.5 (AXSA:2024-7340:01)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7340:01 advisory. squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728...
CentOS 7 : squid (RHSA-2024:1787)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1787 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4...
Security Bulletin: IBM Security Guardium is affected by denial of service vulnerabilities (CVE-2023-46728, CVE-2023-49285, CVE-2023-49286)
Summary IBM Security Guardium has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2023-46728 DESCRIPTION: Squid-Cache Squid is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the Gopher gateway. By sending a specially crafted request, ...
Photon OS 5.0: Squid PHSA-2023-5.0-0154
An update of the squid package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0154. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Oracle Linux 7 : squid (ELSA-2024-1787)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1787 advisory. - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manag...
Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2024-1301)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5637-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5637-1 [email protected] https://www.debian.org/security/ Markus Koschany March 08, 2024 https://www.debian.org/security/faq -...
openSUSE: Security Advisory for squid (SUSE-SU-2023:4544-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AlmaLinux 9 : squid (ALSA-2024:0071)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0071 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4...
RHEL 9 : squid (RHSA-2024:0071)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0071 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Deni...
Important: squid security update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 squid: Buffer over-read...
Oracle Linux 8 : squid:4 (ELSA-2024-0046)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0046 advisory. - Fix squid: Denial of Service in SSL Certificate validation CVE-2023-46724 - Fix squid: NULL pointer dereference in the gopher protocol code...
squid34: Fix of CVE-2023-46728
CVE-2023-46728: Remove support for Gopher protocol...
squid: Fix of CVE-2023-46728
CVE-2023-46728: Remove support for Gopher protocol - Enable test-suite...
CLSA-2023-1702420474 Fix CVE(s): CVE-2023-46728
SECURITY UPDATE: Denial of Service attack against Squid’s Gopher gateway due to a NULL pointer dereference bug - debian/patches/CVE-2023-46728.patch: Remove support for Gopher protocol - CVE-2023-46728...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...
Important: squid
Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1...
SUSE SLES15 Security Update : squid (SUSE-SU-2023:4589-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4589-1 advisory. - CVE-2023-46728: Remove gopher support bsc1216926. - Fixed overread in HTTP request header parsing bsc1217274. Tenable has extracted the...
SUSE-SU-2023:4589-1 Security update for squid
This update for squid fixes the following issues: - CVE-2023-46728: Remove gopher support bsc1216926. - Fixed overread in HTTP request header parsing bsc1217274...
SUSE: Security Advisory (SUSE-SU-2023:4545-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...