
541 matches found

OpenVAS
added 2023/11/03 12:0 a.m. · 9 views

Fedora: Security Advisory for squid (FEDORA-2023-df4923cddc)

The remote host is missing an update for the...

7.5 AI score
Exploits 0 · References 2
Veracode
added 2023/10/25 7:20 a.m. · 9 views

Denial Of Service (DoS)

libsquid.so is vulnerable to Denial of Service (DoS). An attacker is able to exploit this vulnerability by sending a specially crafted Gopher request to a vulnerable Squid server. The request would cause the Squid server to allocate a large amount of memory, which would eventually exhaust the...

6.9 AI score
Exploits 0
BDU FSTEC
added 2023/10/20 12:0 a.m. · 4 views

The vulnerability of the Gopher network protocol implementation in Squid proxy servers allows attackers to induce service failures.

The vulnerability of the Gopher network protocol implementation in Squid proxy servers is related to pointer dereferencing errors. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.5 CVSS · 5.5 AI score
Exploits 0 · References 2 · Affected Software 2
OpenVAS
added 2023/09/29 12:0 a.m. · 20 views

Squid DoS Vulnerability (GHSA-cg5h-v6vc-w33f, SQUID-2021:8)

Squid is prone to a denial of service (DoS) vulnerability in the Gopher gateway...

7.5 CVSS · 8 AI score · 0.05955 EPSS
Exploits 0 · References 6
Tenable Nessus
added 2023/09/27 12:0 a.m. · 25 views

Amazon Linux 2 : squid (ALASSQUID4-2023-003)

The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2SQUID4-2023-003 advisory. In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occ...

6.5 CVSS · 6.9 AI score · 0.0362 EPSS
Exploits 0 · References 4
Positive Technologies
added 2023/09/26 12:0 a.m. · 4 views

PT-2023-8580 · Squid +10 · Squid +11

Name of the Vulnerable Software and Affected Versions: Squid versions prior to 6.0.1 Description: The issue is related to a NULL pointer dereference bug in Squid's Gopher gateway, making it vulnerable to a Denial of Service attack. The gopher protocol is always available and enabled in Squid prio...

9.3 CVSS · 7.6 AI score · 0.88864 EPSS
Exploits 1 · References 129
Amazon
added 2023/09/25 12:0 a.m. · 5 views

Important: squid

Issue Overview: In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. CVE-2021-46784 Affected Packages: squid Note: This advisory is applicable to Amazon Linux 2 - Squid4...

6.5 CVSS · 7.2 AI score · 0.0362 EPSS
Exploits 0
OpenVAS
added 2023/09/07 12:0 a.m. · 13 views

Squid DoS Vulnerability (GHSA-jm7h-w5q5-jpq9, SQUID-2020:13)

Squid is prone to a denial of service (DoS) vulnerability...

7.2 AI score
Exploits 0 · References 1
The Hacker News
added 2023/04/04 10:8 a.m. · 2 views

Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks

The threat actor known as Arid Viper has been observed using refreshed variants of its malware toolkit in its attacks targeting Palestinian entities since September 2022. Symantec, which is tracking the group under its insect-themed moniker Mantis, said the adversary is "going to great lengths to...

7 AI score
Exploits 0
Positive Technologies
added 2023/02/20 12:0 a.m. · 2 views

PT-2023-6221 · Squid · Squid

Name of the Vulnerable Software and Affected Versions: Squid affected versions not specified Description: The issue is related to the implementation of the Gopher proxy server protocol in Squid, which is associated with pointer dereference errors. Exploitation of this issue could allow a remote...

5 CVSS · 7.2 AI score
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 6:19 a.m. · 3 views

SUSE CVE-2005-0094

Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses...

5 CVSS · 7.2 AI score · 0.08635 EPSS
Exploits 1 · References 6
SUSE CVE
added 2023/02/15 5:57 a.m. · 5 views

SUSE CVE-2010-3177

Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server...

4.3 CVSS · 8 AI score · 0.02064 EPSS
Exploits 0 · References 6
SUSE CVE
added 2023/02/15 5:51 a.m. · 5 views

SUSE CVE-2011-3205

Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impac...

6.8 CVSS · 8 AI score · 0.27454 EPSS
Exploits 0 · References 7
SUSE CVE
added 2023/02/15 3:35 a.m. · 3 views

SUSE CVE-2021-46784

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses...

7.5 CVSS · 7 AI score · 0.0362 EPSS
Exploits 0 · References 8
SUSE CVE
added 2023/02/15 3:22 a.m. · 3 views

SUSE CVE-2022-42915

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request HTTP...

7.3 CVSS · 9 AI score · 0.02927 EPSS
Exploits 0 · References 3
Amazon
added 2023/02/04 12:0 a.m. · 28 views

Important: squid

Issue Overview: In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. CVE-2021-46784 A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI an...

8.6 CVSS · 7.6 AI score · 0.0362 EPSS
Exploits 0
CNNVD
added 2023/01/15 12:0 a.m. · 3 views

sqldump SQL injection vulnerability

sqldump is a Gopher Gala open source widget for database management. An SQL injection vulnerability exists in sqldump; the vulnerability stems from unknown code effects, and the operation leads to SQL injection...

9.8 CVSS · 6.6 AI score · 0.00643 EPSS
Exploits 0 · References 4
RedHat Linux
added 2022/12/08 1:8 p.m. · 3 views

curl: HTTP proxy double-free

A vulnerability was found in curl. The issue occurs if curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL. It sets up the connection to the remote server by issuing a CONNECT request to the proxy and then tunnels the rest of the protocol through. An HTTP proxy might refuse this...

8.1 CVSS · 7.2 AI score · 0.02927 EPSS
Exploits 0 · References 5
OSV
added 2022/10/29 8:15 p.m. · 3 views

ALPINE-CVE-2022-42915

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request HTTP...

8.1 CVSS · 7.3 AI score · 0.02927 EPSS
Exploits 0 · References 1
OSV
added 2022/10/29 8:15 p.m. · 5 views

AZL-11368 CVE-2022-42915 affecting package curl for versions less than 7.86.0-1

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request HTTP...

8.1 CVSS · 6.8 AI score · 0.02927 EPSS
Exploits 0 · References 1