SUSE: Security Advisory (SUSE-SU-2016:2008-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-24340

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in picomdnshandledataasanswersgeneric in picomdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the response data available in the...

squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

Buffer overflow

During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobil...

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2018-1075)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2018-1074)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenSC Out-of-Bounds Read Vulnerability

OpenSC is a set of software tools and libraries for smart cards, focusing on smart cards with cryptographic capabilities. OpenSC prior to 0.19.0-rc1 suffers from an out-of-bounds read vulnerability when processing responses. An attacker could exploit this vulnerability to cause the opensc library...

EulerOS 2.0 SP2 : squid (EulerOS-SA-2018-1075)

According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability i...

EulerOS 2.0 SP1 : squid (EulerOS-SA-2018-1074)

According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability i...

SUSE-SU-2018:0636-1 Security update for squid

This update for squid fixes the following issues: Security issues fixed: - CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI responses. This affects the default custom esiparser bsc1077003. - CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien...

Design/Logic Flaw

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

ALPINE-CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

CVE-2018-1000024

The CVE-2018-1000024 vulnerability affects Squid HTTP Caching Proxy (versions 3.0–3.5.27 and 4.0–4.0.22). It is caused by Incorrect Pointer Handling in ESI Response Processing, enabling a Denial of Service when a remote server delivers an HTTP response payload with valid but unusual ESI syntax. I...

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

Debian DLA-1266-1 : squid3 security update

Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with ESI response processing and intermediate CA certificate downloading. CVE-2018-1000024 Incorrect pointer handling resulted in the ability of a remote server to...

[SECURITY] [DLA 1266-1] squid3 security update

Package : squid3 Version : 3.1.20-2.2+deb7u8 CVE ID : CVE-2018-1000024 CVE-2018-1000027 Debian Bug : 888719 888720 Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with ESI response processing and intermediate CA...