541 matches found
The vulnerability of the Gopher network protocol implementation in Squid proxy servers allows attackers to induce service failures.
The vulnerability of the Gopher network protocol implementation in Squid proxies relates to the use of the assert function or similar operators. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted response to the proxy server...
OESA-2022-1732 squid security update
Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fixes: A vulnerability was found in squid. Due to improper buffer management Squid is vulnerable...
ROS-20220628-03
A vulnerability in the Squid caching proxy server is related to assertion reachability when processing responses to the from the Gopher server. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted response to the proxy server and perform a denial o...
CVE-2021-46784
A vulnerability was found in squid Web proxy cache server. This issue occurs due to improper buffer management while processing Gopher server responses. This flaw leads to a remote denial of service or a crash if it receives specially crafted network traffic, either by mistake or a malicious acto...
Denial Of Service (DoS)
squid is vulnerable to denial of service attacks. The vulnerability exists via Gopher Processing component which allows an attacker to cause an application crash...
Ubuntu: Security Advisory (USN-5491-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5491-1: Squid vulnerability
Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service...
USN-5491-1 squid, squid3 vulnerability
Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service...
Squid 资源管理错误漏洞
Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in several versions of Squid that stems from an accessible assertion in the...
SSRF on index.php/cobrowse/proxycss/
Description Live Helper Chat is vulnerable to SSRF on the /index.php/cobrowse/proxycss endpoint. It's possible to make internal requests and see the response as an authenticated user, it's also possible to make an request with any protocol using goppher://. Proof of Concept 1. Request...
CVE-2021-46784
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses...
UBUNTU-CVE-2021-46784
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses...
Fedora: Security Advisory for squid (FEDORA-2021-de5e6c60c2)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Server-Side Request Forgery (SSRF) in appwrite/appwrite
Description An authenticated SSRF vulnerability exists in appwrite's webhooks / tasks feature. The gopher:// protocol can be used to cause code execution on the Redis server that comes along with appwrite. The attacker must know the IP address of the redis-server which can be done by creating...
Fedora: Security Advisory for squid (FEDORA-2021-24af72ff2c)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: squid-5.0.6-1.fc34
Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...
GHSA-39Q4-P535-C852 Uncontrolled Resource Consumption in locutus
The package locutus before 2.0.15 is vulnerable to Regular Expression Denial of Service ReDoS via the gopherparsedir function...
CVE-2021-23392
The package locutus before 2.0.15 are vulnerable to Regular Expression Denial of Service ReDoS via the gopherparsedir function...
locutus 安全漏洞
Locutus PHP is an open source PHP language standard library used in JavaScript. A security vulnerability exists in locutus versions prior to 2.0.15, which stems from the gopherparsedir function being susceptible to a denial of service ReDoS attack...
Fedora: Security Advisory for squid (FEDORA-2021-7d86bec29e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...