541 matches found

BDU FSTEC
added 2022/07/04 12:0 a.m., 3 views

The vulnerability of the Gopher network protocol implementation in Squid proxy servers allows attackers to induce service failures.

The vulnerability of the Gopher network protocol implementation in Squid proxies relates to the use of the assert function or similar operators. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted response to the proxy server...

CVSS 7.8, AI score 6.7, EPSS 0.0362
Exploits: 0, References: 12, Affected Software: 6

OSV
added 2022/07/01 11:3 a.m., 2 views

OESA-2022-1732 squid security update

Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fixes: A vulnerability was found in squid. Due to improper buffer management Squid is vulnerable...

CVSS 6.5, AI score 7, EPSS 0.0362
Exploits: 0, References: 2

Redos
added 2022/06/28 12:0 a.m., 28 views

ROS-20220628-03

A vulnerability in the Squid caching proxy server is related to assertion reachability when processing responses from the Gopher server. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted response to the proxy server and perform a denial o...

CVSS 6.5, AI score 6.6, EPSS 0.0362
Exploits: 0

RedhatCVE
added 2022/06/24 6:5 a.m., 47 views

CVE-2021-46784

A vulnerability was found in squid Web proxy cache server. This issue occurs due to improper buffer management while processing Gopher server responses. This flaw leads to a remote denial of service or a crash if it receives specially crafted network traffic, either by mistake or a malicious acto...

CVSS 7.5, AI score 3.9, EPSS 0.0362
Exploits: 0, References: 4

Veracode
added 2022/06/23 7:20 p.m., 27 views

Denial Of Service (DoS)

squid is vulnerable to denial of service attacks. The vulnerability exists via Gopher Processing component which allows an attacker to cause an application crash...

CVSS 6.5, AI score 3.5, EPSS 0.0362
Exploits: 0, References: 11, Affected Software: 6

OpenVAS
added 2022/06/23 12:0 a.m., 18 views

Ubuntu: Security Advisory (USN-5491-1)

The remote host is missing an update for the...

CVSS 6.5, AI score 6.9, EPSS 0.0362
Exploits: 0, References: 2

Ubuntu
added 2022/06/22 2:3 p.m., 74 views

USN-5491-1: Squid vulnerability

Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service...

CVSS 6.5, AI score 6.7, EPSS 0.0362
Exploits: 0

OSV
added 2022/06/22 2:3 p.m., 2 views

USN-5491-1 squid, squid3 vulnerability

Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service...

CVSS 6.5, AI score 7.2, EPSS 0.0362
Exploits: 0, References: 2

CNNVD
added 2022/06/18 12:0 a.m., 3 views

Squid resource management error vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in several versions of Squid that stems from an accessible assertion in the...

CVSS 6.5, AI score 6.6, EPSS 0.0362
Exploits: 0, References: 27

Huntr
added 2022/03/29 4:18 a.m., 32 views

SSRF on index.php/cobrowse/proxycss/

Description: Live Helper Chat is vulnerable to SSRF on the /index.php/cobrowse/proxycss endpoint. It's possible to make internal requests and see the response as an authenticated user; it's also possible to make a request with any protocol using gopher://. Proof of Concept: 1. Request...

CVSS 5.5, AI score 0.4, EPSS 0.0094
Exploits: 1

UbuntuCve
added 2021/12/31 12:0 a.m., 42 views

CVE-2021-46784

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses...

CVSS 6.5, AI score 6.9, EPSS 0.0362
Exploits: 0, References: 3

OSV
added 2021/12/31 12:0 a.m., 1 view

UBUNTU-CVE-2021-46784

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses...

CVSS 6.5, AI score 7.3, EPSS 0.0362
Exploits: 0, References: 4

OpenVAS
added 2021/10/21 12:0 a.m., 18 views

Fedora: Security Advisory for squid (FEDORA-2021-de5e6c60c2)

The remote host is missing an update for the...

CVSS 7.5, AI score 7.6, EPSS 0.02854
Exploits: 0, References: 2

Huntr
added 2021/10/03 7:20 a.m., 25 views

Server-Side Request Forgery (SSRF) in appwrite/appwrite

Description: An authenticated SSRF vulnerability exists in appwrite's webhooks / tasks feature. The gopher:// protocol can be used to cause code execution on the Redis server that comes along with appwrite. The attacker must know the IP address of the redis-server which can be done by creating...

AI score 2.2
Exploits: 0

OpenVAS
added 2021/06/17 12:0 a.m., 23 views

Fedora: Security Advisory for squid (FEDORA-2021-24af72ff2c)

The remote host is missing an update for the...

CVSS 7.5, AI score 6.7, EPSS 0.95785
Exploits: 5, References: 2

Fedora
added 2021/06/11 1:16 a.m., 48 views

[SECURITY] Fedora 34 Update: squid-5.0.6-1.fc34

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

CVSS 7.5, AI score 6.5, EPSS 0.95785
Exploits: 5

OSV
added 2021/06/10 5:25 p.m., 1 view

GHSA-39Q4-P535-C852 Uncontrolled Resource Consumption in locutus

The package locutus before 2.0.15 is vulnerable to Regular Expression Denial of Service (ReDoS) via the gopher_parsedir function...

CVSS 7.5, AI score 5.9, EPSS 0.01936
Exploits: 1, References: 4

ATTACKERKB
added 2021/06/08 7:42 a.m., 2 views

CVE-2021-23392

The package locutus before 2.0.15 is vulnerable to Regular Expression Denial of Service (ReDoS) via the gopher_parsedir function...

CVSS 7.5, AI score 5.3, EPSS 0.01936
Exploits: 1, References: 4

CNNVD
added 2021/06/08 12:0 a.m., 3 views

locutus security vulnerability

Locutus PHP is an open source PHP language standard library used in JavaScript. A security vulnerability exists in locutus versions prior to 2.0.15, which stems from the gopher_parsedir function being susceptible to a denial of service (ReDoS) attack...

CVSS 7.5, AI score 7.2, EPSS 0.01936
Exploits: 1, References: 4

OpenVAS
added 2021/04/10 12:0 a.m., 21 views

Fedora: Security Advisory for squid (FEDORA-2021-7d86bec29e)

The remote host is missing an update for the...

CVSS 8.6, AI score 8.8, EPSS 0.08161
Exploits: 0, References: 2