Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Squid vulnerabilities (USN-8157-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8157-1 advisory. It was discovered that Squid incorrectly handled certain ICP traffic. In environments where ICP support is enabled, a remote attacker...

Updated squid packages fix security vulnerabilities

Squid mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c. CVE-2025-59362 Squid vulnerable to information disclosure via authentication credential leakage in error handling. CVE-2025-62168 Squid vulnerable to Denial of Service in ICP Request handling...

USN-8157-1 squid vulnerabilities

It was discovered that Squid incorrectly handled certain ICP traffic. In environments where ICP support is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or obtain small amounts of sensitive information...

RHEL 9 : squid (RHSA-2026:6301)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:6301 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: Squid: Denia...

MiracleLinux 9 : squid-5.5-13.el9_4 (AXSA:2024-8595:05)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8595:05 advisory. squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Out-of-bounds write error may lead to...

MiracleLinux 8 : squid:4 (AXSA:2021-1405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1405:01 advisory. squid: Improper input validation in request allows for proxy manipulation CVE-2019-12520 squid: Off-by-one error in addStackElement allows for heap...

MiracleLinux 8 : squid:4 (AXSA:2021-2820:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2820:01 advisory. squid: denial of service in URN processing CVE-2021-28651 squid: denial of service issue in Cache Manager CVE-2021-28652 squid: denial of service in...

MiracleLinux 9 : squid-5.5-6.el9.1 (AXSA:2023-6903:05)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6903:05 advisory. squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 squid:...

MiracleLinux 7 : squid-3.5.20-15.el7.1 (AXSA:2020-050:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-050:02 advisory. squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow CVE-2019-12519 squid: improper access restriction up...

EUVD-2002-0705

Malware in sbrugna...

EUVD-2005-0627

Malware in sbrugna...

TencentOS Server 3: squid:4 (TSSA-2024:0001)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0001 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0135: squid:4 (ALINUX3-SA-2023:0135)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0135 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-46846: SQUID is vulnerable to HTT...

Alibaba Cloud Linux 3 : 0124: squid:4 (ALINUX3-SA-2022:0124)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0124 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-12519: An issue was discovered in...

Alibaba Cloud Linux 3 : 0132: squid:4 (ALINUX3-SA-2022:0132)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0132 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-28116: Squid through 4.14 and 5.x...

Alibaba Cloud Linux 3 : 0250: squid:4 (ALINUX3-SA-2024:0250)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0250 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-23638: Squid is a caching proxy f...

RHEL 8 : squid:4 (RHSA-2024:9644)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9644 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid:...

RockyLinux 8 : squid:4 (RLSA-2024:9644)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9644 advisory. squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Denial of Service processing ESI response...

Oracle Linux 8 : squid (ELSA-2024-9644)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9644 advisory. - Resolves: RHEL-22593 - CVE-2024-23638 squid:4/squid: vulnerable to a Denial of Service attack against Cache Manager error responses - Resolves:...

Fedora 37 : squid (2022-102c59d287)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-102c59d287 advisory. - version update to 5.7. - security fixes CVE-2022-41317 Tenable has extracted the preceding description block directly from the Fedora security...