2164 matches found

OSV
added 2020/08/24 12:6 p.m. | 5 views

SUSE-SU-2020:14460-1 Security update for squid3

This update for squid3 fixes the following issues: - Fixed a Cache Poisoning and Request Smuggling attack CVE-2020-15049, bsc1173455 - Fixed incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses CVE-2019-12519,...

CVSS: 9.9 | AI score: 9.2 | EPSS: 0.74477
Exploits: 1 | References: 39
BDU FSTEC
added 2020/08/19 12:0 a.m. | 2 views

The vulnerability of the Transfer-Encoding and Content-length headers in reverse proxy and proxy redirection mechanisms of the Apache Traffic Server allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Transfer-Encoding and Content-length headers in reverse proxy and proxy redirection mechanisms of the Apache Traffic Server is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability can allow an attacker to gain access to confidential data,...

CVSS: 10 | AI score: 7.7 | EPSS: 0.02667
Exploits: 0 | References: 4 | Affected Software: 2
BDU FSTEC
added 2020/08/19 12:0 a.m. | 2 views

The vulnerability of reverse proxies and proxy redirection mechanisms in the Apache Traffic Server allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of reverse proxies and proxy redirection in the Apache Traffic Server is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability can allow a remote attacker to access sensitive data, compromise its integrity, and cause service failures...

CVSS: 10 | AI score: 7.8 | EPSS: 0.03088
Exploits: 0 | References: 4 | Affected Software: 2
Microsoft CVE
added 2020/08/18 7:0 a.m. | 3 views

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers as demonstrated by the httputil.ReverseProxy Handler because it reads a request body and writes a response at the same time.

...

CVSS: 5.9 | AI score: 7 | EPSS: 0.02893
Exploits: 0
Veracode
added 2020/08/06 9:33 p.m. | 33 views

Buffer Overflows

Squid is vulnerable to buffer overflows. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...

CVSS: 7.3 | AI score: 4.9 | EPSS: 0.7179
Exploits: 0 | References: 17 | Affected Software: 5
Tenable Nessus
added 2020/08/06 12:0 a.m. | 54 views

Ubuntu 16.04 LTS : Tomcat vulnerabilities (USN-4448-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4448-1 advisory. It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause...

CVSS: 7.5 | AI score: 8 | EPSS: 0.87553
Exploits: 16 | References: 4
RedHat Linux
added 2020/08/04 11:18 a.m. | 4 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.09386
Exploits: 0 | References: 7
RedHat Linux
added 2020/08/04 11:17 a.m. | 3 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.09386
Exploits: 0 | References: 7
Tenable Nessus
added 2020/08/04 12:0 a.m. | 52 views

Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-4446-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4446-1 advisory. Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.0918
Exploits: 0 | References: 5
OSV
added 2020/07/17 4:15 p.m. | 5 views

AZL-38206 CVE-2020-15586 affecting package python-tensorboard for versions less than 2.16.2-1

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

CVSS: 5.9 | AI score: 6.8 | EPSS: 0.02893
Exploits: 0 | References: 1
OSV
added 2020/07/17 4:15 p.m. | 3 views

DEBIAN-CVE-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

CVSS: 5.9 | AI score: 6.8 | EPSS: 0.02893
Exploits: 0 | References: 1
OSV
added 2020/07/17 4:15 p.m. | 3 views

AZL-79042 CVE-2020-15586 affecting package golang 1.25.7-1

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

CVSS: 5.9 | AI score: 6.8 | EPSS: 0.02893
Exploits: 0 | References: 1
OSV
added 2020/07/17 4:15 p.m. | 0 views

UBUNTU-CVE-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

CVSS: 5.9 | AI score: 6.9 | EPSS: 0.02893
Exploits: 0 | References: 3
CNVD
added 2020/06/16 12:0 a.m. | 6 views

Apsis Pound Environmental Issues Vulnerabilities

Apsis Pound is a reverse proxy program for Web servers from the German company Apsis. The program supports reverse proxy, load balancing and HTTPS front-end and other features. A security vulnerability exists in versions of Apsis Pound prior to 2.8. An attacker can exploit the vulnerability to...

CVSS: 9.1 | AI score: 6.6 | EPSS: 0.01127
Exploits: 0 | References: 1
OpenVAS
added 2020/06/16 12:0 a.m. | 50 views

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-1666)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.7179
Exploits: 0 | References: 2
BDU FSTEC
added 2020/06/05 12:0 a.m. | 4 views

The vulnerability of the Squid proxy server arises from insufficient validation of input data, allowing attackers to access features that can only be used by reverse proxies.

The vulnerability of the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to gain access to features that can only be used by reverse proxies...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.03935
Exploits: 0 | References: 12 | Affected Software: 6
RedHat Linux
added 2020/06/04 1:11 p.m. | 2 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.09386
Exploits: 0 | References: 7
RedHat Linux
added 2020/05/26 10:31 a.m. | 4 views

Moderate: Red Hat Enhancement Advisory: rh-varnish6 bug fix and enhancement update

Updated rh-varnish6 packages are now available as a part of Red Hat Software Collections for Red Hat Enterprise Linux. Varnish Cache is a high-performance HTTP reverse proxy. The rh-varnish6 packages provide a recent stable release of Varnish Cache 6. The rh-varnish6 packages have been upgraded t...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.05742
Exploits: 0 | References: 3
Tenable Nessus
added 2020/05/26 12:0 a.m. | 41 views

EulerOS 2.0 SP8 : squid (EulerOS-SA-2020-1591)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to acce...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.7179
Exploits: 0 | References: 4
Tenable Nessus
added 2020/05/04 12:0 a.m. | 40 views

openSUSE Security Update : squid (openSUSE-2020-606)

This update for squid to version 4.10 fixes the following issues : Security issues fixed : - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy bsc1162687. - CVE-2020-8450: Fixed a buff...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.7179
Exploits: 0 | References: 7