Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A...

The vulnerability of the Squid proxy server, related to the inconsistent interpretation of HTTP requests, allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the Squid proxy server is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks XSS...

Squid Information Disclosure Vulnerability (CNVD-2020-50114)

Squid full name Squid Cache is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. The Squid product has an information disclosure vulnerability that can be exploited by an attack...

The vulnerability of the http/ContentLengthInterpreter.cc component in the Squid proxy server allows a hacker to manipulate cache content.

The vulnerability of the http/ContentLengthInterpreter.cc component in the Squid proxy server is related to HTTP request processing flaws. Exploiting this vulnerability allows a malicious actor to poison the cache contents using a specially crafted HTTP request...

Squid Denial of Service Vulnerability (CNVD-2020-48582)

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in Squid versions prior to 4.13 and 5.0.4 in the 5.x series, which can be exploited by...

Information Disclosure

glib is vulnerable to information disclosure. The vulnerability exists as GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxyaddr field is mishandled. This bug is...

Lazarus Group Surfaces with Advanced Malware Framework

The North Korea-linked APT known as Lazarus Group has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux and macOS operating systems. Kaspersky researchers uncovered a series of attacks utilizing MATA so-called because the malware authors themselves call...

Moderate: Red Hat Security Advisory: rh-nginx116-nginx security update

An update for rh-nginx116-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Squid Code Problem Vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in Squid versions prior to 4.12 and 5.x versions prior to 5.0.3. An attacker could...

The vulnerability in the cachemgr.cgi utility of the Squid proxy server allows a hacker to perform cross-site scripting attacks.

The vulnerability of the cachemgr.cgi utility of the Squid proxy server is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor, operating remotely, to perform cross-site scripting attacks using the username or auth...

Privilege Escalation

subversion is vulnerable to privilege escalation. The vulnerability exists as a maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicio...

[SECURITY] [DSA 4682-1] squid security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4682-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 08, 2020 https://www.debian.org/security/faq -...

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

squid:4 security update

An update is available for libecap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Squid is a high-performance proxy caching server for web clients, supporting...

Machine-In-The-Middle in https-proxy-agent

Versions of https-proxy-agent prior to 2.2.3 are vulnerable to Machine-In-The-Middle. The package fails to enforce TLS on the socket if the proxy server responds the to the request with a HTTP status different than 200. This allows an attacker with access to the proxy server to intercept...

Squid Heap Overflow Vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in Squid 4.7 and earlier versions. An attacker can exploit this vulnerability to cause...

The vulnerability of the configuration of HTTP proxy servers for WebKitGTK and WPE WebKit modules, which allow attackers to gain unauthorized access to protected information.

The vulnerability of the configuration of HTTP proxy servers for WebKitGTK and WPE WebKit modules related to improper data processing during real-time video loading. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Squid buffer overflow vulnerability (CNVD-2020-25818)

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A buffer overflow vulnerability exists in Squid 4.7 and earlier versions. An attacker can exploit this vulnerability t...

MS12-051: Vulnerability in Microsoft Office for Mac could allow elevation of privilege: July 10, 2012

Describes the Microsoft Office for Mac 2011 14.2.3 Update that was released on July 10, 2012INTRODUCTIONMicrosoft has released security bulletin MS12-051. This security bulletin contains all the relevant information about the security update for Microsoft Office for Mac 2011. To view the complete...