31 matches found
OESA-2026-2726 squid security update
Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fixes: 'Hi all,', "CVE-2026-47729\n\nDue to a Improper Validation of Syntactic Correctness of...
PT-2026-49606
Name of the Vulnerable Software and Affected Versions squid-cache Squid affected versions not specified Description A heap-based buffer overflow occurs during the processing of cache digests. A heap-based buffer overflow is a memory corruption issue where a program writes more data to a buffer...
PT-2026-49605
Name of the Vulnerable Software and Affected Versions Squid versions prior to 7.6 Description A memory leak issue, dubbed Squidbleed, exists in the Squid web proxy due to an out-of-bounds read in the FTP directory-listing parser. The flaw originates from a 1997 code change and a misunderstanding ...
SUSE: Security Advisory (SUSE-SU-2020:14460-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : squid (RHSA-2020:4082)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4082 advisory. - An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as...
squid security update
7:3.5.20-17.4 - Resolves: 1872349 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: 1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning - Resolves: 1872342 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache...
Important: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 7 : squid (RHSA-2020:4082)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4082 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: HTTP...
SUSE-SU-2020:14460-1 Security update for squid3
This update for squid3 fixes the following issues: - Fixed a Cache Poisoning and Request Smuggling attack CVE-2020-15049, bsc1173455 - Fixed incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses CVE-2019-12519,...
openSUSE Security Update : squid (openSUSE-2020-606)
This update for squid to version 4.10 fixes the following issues : Security issues fixed : - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy bsc1162687. - CVE-2020-8450: Fixed a buff...
Security update for squid (moderate)
openSUSE Security Update: Security update for squid Announcement ID: openSUSE-SU-2020:0606-1 Rating: moderate References: 1162687 1162689 1162691 Cross-References: CVE-2019-12528 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 Affected Products: openSUSE Leap 15.1 An update that fixes four...
Security fix for the ALT Linux 9 package squid version 4.10-alt1
4.10-alt1 built March 16, 2020 Alexey Shabalin in task 247850 --- March 14, 2020 Alexey Shabalin - Updated to 4.10. - Fixes: + CVE-2019-12526 Heap Overflow issue in URN processing. + CVE-2019-12523 Multiple issues in URI processing. + CVE-2019-18676 Multiple issues in URI processing. +...
SUSE SLES12 Security Update : squid (SUSE-SU-2020:0661-1)
This update for squid fixes the following issues : CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. CVE-2019-12526: Fixed potential remote code execution during URN processing bsc1156326. CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI...
Security update for squid (moderate)
openSUSE Security Update: Security update for squid Announcement ID: openSUSE-SU-2020:0307-1 Rating: moderate References: 1162687 1162689 1162691 Cross-References: CVE-2019-12528 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 Affected Products: openSUSE Leap 15.1 An update that fixes four...
openSUSE Security Update : squid (openSUSE-2020-307)
This update for squid to version 4.10 fixes the following issues : Security issues fixed : - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy bsc1162687. - CVE-2020-8450: Fixed a buff...
SUSE SLES12 Security Update : squid (SUSE-SU-2020:0487-1)
This update for squid to version 4.10 fixes the following issues : Security issues fixed : CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy bsc1162687. CVE-2020-8450: Fixed a buffer...
SUSE SLES15 Security Update : squid (SUSE-SU-2020:0493-1)
This update for squid to version 4.10 fixes the following issues : Security issues fixed : CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy bsc1162687. CVE-2020-8450: Fixed a buffer...
Squid -- multiple vulnerabilities
The Squid developers reports: Improper Input Validation issues in HTTP Request processing CVE-2020-8449, CVE-2020-8450. Information Disclosure issue in FTP Gateway CVE-2019-12528. Buffer Overflow issue in extlmgroupacl helper CVE-2020-8517...
Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit
No description provided by source. / UMN gopherd2.x.x/3.x.x: remote ftp gateway buffer overflow. by: vade79/v9 v9 at fakehalo.deadpig.org fakehalo/realhalo three years since last audit, code is a little more secure. but, still found a few potentially exploitable situations. this exploits the ftp...
University of Minnesota Gopherd 2.0.x/2.3/3.0.x FTP Gateway Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8167/info It has been reported that the FTP gateway component within the gopherd server is prone to a buffer overflow vulnerability. This vulnerability may be present due to a failure to perform bounds checking when...