ALSA-2026:8119 Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 For...

[SECURITY] Fedora 42 Update: squid-6.14-1.fc42

Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...

Denial Of Service (DoS)

libsquid.so is vulnerable to Denial of Service DoS. The vulnerability occurs when an attacker sends a specially crafted HTTP Digest authentication request to a vulnerable Squid server. The request can cause the server to consume excessive CPU resources, leading to a DoS condition...

Denial Of Service (DoS)

libsquid.so is vulnerable to Denial of Service DoS. An attacker is able to exploit this vulnerability by sending a specially crafted Gopher request to a vulnerable Squid server. The request would cause the Squid server to allocate a large amount of memory, which would eventually exhaust the...

SUSE CVE-2005-0175

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack...

[ASA-202105-10] squid: denial of service

Arch Linux Security Advisory ASA-202105-10 ========================================== Severity: High Date : 2021-05-19 CVE-ID : CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 Package : squid Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1949 Summary ======= The...

Exploit for Cross-site Scripting in Squid-Cache Squid

CVE-2018-19131 is a proof-of-concept exploit for a vulnerability in Squid, a caching and proxy server. The exploit is built using a Docker Compose application and is designed to demonstrate the vulnerability. The vulnerability is in the Squid version 3.5.27, which is the version used in the...

HTTP/HTTPS proxy support on NetScaler based on Traffic Policies Secure Web

This article describes how to configure NetScaler to proxy the traffic from MDX apps through a Proxy server like Squid, Bluecoat. Enterprises can proxy traffic configuring simple traffic rules on NetScaler box...

squid: SIGSEGV in ESIContext response handling

An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as reverse-proxy, for TLS/HTTPS interception, an attacker controlling a server accessed by Squid, could crash the squid worker, causing a Denial of Service attack...

Fedora Update for squid FEDORA-2014-4800

Check for the Version of squid OpenVAS Vulnerability Test Fedora Update for squid FEDORA-2014-4800 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

security flaw

Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service daemon restart...

DEBIAN-CVE-2005-0173

squidldapauth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists ACLs via a username with a space at the beginning or end, which is ignored by the LDAP server...

Mandrake Linux Security Advisory : squid (MDKSA-2005:034)

More vulnerabilities were discovered in the squid server : The LDAP handling of search filters was inadequate which could be abused to allow logins using severial variants of a single login name, possibly bypassing explicit access controls CVE-2005-0173. Minor problems in the HTTP header parsing...

DEBIAN-CVE-2005-0097

The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service crash via a malformed NTLM type 3 message that triggers a NULL dereference...

Squid ntlm_check_auth Function NTLM Authentication Helper Password Handling Remote Overflow

The remote server is affected by a remote code execution vulnerability in the Squid Internet Object Cache server due to a failure to test the length of the user-supplied LanMan hash value in the ntlmcheckauth function in libntlmssp.c. An unauthenticated, remote attacker can exploit this, via a...

[DER #11] - Remotey exploitable fmt string bug in squid

------------------------------------------- - DAVID EVLIS REIGN SECURITY ADVISORY 11 - ------------------------------------------- - WHAT - Remotely Exploitable Format string Hole - WHO - MSNT squid auth for NtDomains - DETAILS ON PRODUCT - This is an authentication module for the Squid proxy...