6120 matches found
Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URNs due to incorrect buffer management. This issue has been fixed in version 6.4. To address this problem, disable URN access...
Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. Due to an out-of-bounds write vulnerability when assigning ESI variables, Squid is susceptible to a memory corruption error. This error can lead to a denial-of-service attack...
Astra Linux – Vulnerability in Squid
A buffer overflow was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers were vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations were sent to a...
Astra Linux – Vulnerability in Squid
A issue was discovered in Squid 4.9 through 4.17, and also in versions 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, sensitive information about clients using the proxy may be exposed through an HTTPS request to an internal cache manager URL. This issue has been fixed in versi...
Astra Linux – Vulnerability in Squid
A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack targeting all clients using the proxy through HTTP Range request processing...
Astra Linux – Vulnerability in Squid
A issue was discovered in Squid before versions 4.15 and 5.x before version 5.0.6. An integer overflow problem allows a remote server to cause a Denial of Service when delivering responses to HTTP Range requests. The issue is triggered by a header that is expected to exist in HTTP traffic, withou...
Astra Linux – Vulnerability in Squid
A issue was discovered in Squid before version 4.15 and 5.x before version 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack targeting all clients using the proxy. A client sends an HTTP Range request to trigger this vulnerability...
Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the Web. Due to an uncontrolled recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack involving HTTP request parsing. This issue allows a remote client to carr...
Astra Linux – Vulnerability in Squid
Squid is vulnerable to a Denial of Service attack, where a remote attacker can carry out a buffer overflow attack by writing up to 2 MB of arbitrary data into heap memory when Squid is configured to accept HTTP Digest Authentication...
Astra Linux – Vulnerability in Squid
SQUID is vulnerable to HTTP request smuggling, which is caused by the laxity of the chunked decoder. This allows a remote attacker to perform Request/Response smuggling beyond the firewall and frontend security systems...
Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the Web that supports HTTP, HTTPS, FTP, and other protocols. Due to a NULL pointer dereference bug, Squid is vulnerable to Denial of Service attacks targeting its Gopher gateway. The Gopher protocol was always available and enabled in Squid prior to Squid 6.0.1...
Astra Linux – Vulnerability in Squid
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, a Denial of Service can occur due to improper buffer management when processing long Gopher server responses...
Astra Linux – Vulnerability in Squid
In versions 4.14 and 5.x through 5.0.5, in some configurations, the Squid vulnerability allows information disclosure due to an out-of-bounds read in the WCCP protocol data. This vulnerability can be exploited as part of a chain for remote code execution, as there is no one to protect it...
Astra Linux – Vulnerability in Squid
A issue was discovered in Squid 4.x before 4.15, and in 5.x before 5.0.6. If a remote server sends a certain response header via HTTP or HTTPS, it can lead to a denial of service. This header can potentially appear in legitimate network traffic...
Oracle Linux 7 : squid (ELSA-2026-8880)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8880 advisory. - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via -...
squid security update
7:3.5.20-17.0.11.13 - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 7:3.5.20-17.0.9.13 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via - authentication credential leakage in error handling Orabug: 38587551 7:3.5.20-17.0.7.13 - Fixes CVE-2025-5457...
Friday Squid Blogging: Bigfin Squid
Article about the bigfin squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...
Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia
Evidence of them has been found by analyzing DNA in the seawater. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...
CLSA-2026-1778252773 squid: Fix of CVE-2022-41317
CVE-2022-41317: fix exposure of sensitive cache manager information via non-HTTP URI schemes due to typo in default manager ACL regex...
TencentOS Server 2: squid (TSSA-2026:0280)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0280 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...