Astra Linux - уязвимость в squid

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

EUVD-2022-44526

Malicious code in bioql PyPI...

Rocky Linux 9 : squid (RLSA-2022:6839)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6839 advisory. - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer- overflow protection, the SSPI and SMB authentication helpe...

Amazon Linux 2 : squid (ALASSQUID4-2023-001)

The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2SQUID4-2023-001 advisory. A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerabl...

ROS-20230317-02

Squid vulnerability related to a bug in libntlmauth due to improper integer overflow protection integer overflow protection in Squid SSPI and SMB authentication helpers. Exploitation of the vulnerability could allow an attacker, acting remotely to disclose information or cause a denial of service...

EulerOS 2.0 SP5 : squid (EulerOS-SA-2023-1515)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer- overflow protection, the SSPI and SMB...

SUSE CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

Amazon Linux AMI : squid, squid-migration-script (ALAS-2023-1677)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1677 advisory. In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. CVE-2021-46784 A...

ALPINE-CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

DEBIAN-CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

CVE-2022-41318

CVE-2022-41318 is a vulnerability in Squid’s libntlmauth where a buffer over-read, caused by insufficient integer-overflow protection in the SSPI/SMB authentication helpers, can lead to reading unintended memory and potentially exposing cleartext credentials to a client. Public sources consistent...

Rocky Linux 8 : squid:4 (RLSA-2022:6775)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6775 advisory. - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer- overflow protection, the SSPI and SMB authentication helpe...

SUSE SLES12 Security Update : squid (SUSE-SU-2022:3533-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3533-1 advisory. - An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Squid vulnerabilities (USN-5641-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5641-1 advisory. Mikhail Evdokimov discovered that Squid incorrectly handled cache manager ACLs. A remote attacker could possibly use this issue t...

UBUNTU-CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...