Lucene search
UbuntuUSN-2327-1HistoryAug 28, 2014 - 12:00 a.m.
Squid 3 vulnerability
2014-08-2800:00:00
ubuntu.com
37
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.965 High
EPSS
Percentile
99.6%
Releases
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- squid3 - Web proxy cache server
Details
Matthew Daley discovered that Squid 3 did not properly perform input
validation in request parsing. A remote attacker could send crafted Range
requests to cause a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 14.04 | noarch | squid3 | < 3.3.8-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | squid | < 3.3.8-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | squid-cgi | < 3.3.8-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | squid-purge | < 3.3.8-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | squid3-dbg | < 3.3.8-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | squidclient | < 3.3.8-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squid3 | < 3.1.19-1ubuntu3.12.04.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squid | < 3.1.19-1ubuntu3.12.04.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squid-cgi | < 3.1.19-1ubuntu3.12.04.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | squid3-dbg | < 3.1.19-1ubuntu3.12.04.3 | UNKNOWN |
References
Related
nessus
nessus
openSUSE Security Update : squid (openSUSE-SU-2014:1144-1)
2014-09-22 00:00:00
Oracle Linux 7 : squid (ELSA-2014-1147)
2014-09-04 00:00:00
Mandriva Linux Security Advisory : squid (MDVSA-2014:177)
2014-09-12 00:00:00
openvas
openvas
Debian Security Advisory DSA 3014-1 (squid3 - security update)
2014-08-28 00:00:00
Debian: Security Advisory (DLA-216-1)
2023-03-08 00:00:00
Squid HTTP Range Request Handling DoS Vulnerability (SQUID-2014:2)
2015-09-08 00:00:00
prion
prion
Design/Logic Flaw
2014-09-11 18:55:00
debian
debian
[SECURITY] [DSA 3139-1] squid security update
2015-01-25 16:37:50
[SECURITY] [DSA 3014-1] squid3 security update
2014-08-28 15:36:10
[SECURITY] [DSA 3139-1] squid security update
2015-01-25 16:37:50
osv
osv
squid3 - security update
2014-08-28 00:00:00
squid - security update
2015-05-01 00:00:00
squid3 - security update
2014-09-04 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: squid-3.3.13-1.fc20
2014-09-05 22:21:00
[SECURITY] Fedora 21 Update: squid-3.4.7-1.fc21
2014-09-23 04:45:05
[SECURITY] Fedora 20 Update: squid-3.3.13-2.fc20
2014-10-14 04:46:09
redhat
redhat
(RHSA-2014:1147) Important: squid security update
2014-09-03 00:00:00
(RHSA-2014:1148) Important: squid security update
2014-09-03 00:00:00
cve
cve
CVE-2014-3609
2014-09-11 18:55:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:11:40
oraclelinux
oraclelinux
squid security update
2014-09-03 00:00:00
squid security update
2014-09-03 00:00:00
mageia
mageia
Updated squid packages fix CVE-2014-3609
2014-09-05 13:07:37
suse
suse
Security update for squid3 (important)
2014-09-18 00:05:25
securityvulns
securityvulns
squid DoS
2014-09-02 00:00:00
[SECURITY] [DSA 3014-1] squid3 security update
2014-09-02 00:00:00
centos
centos
squid security update
2014-09-03 23:09:15
squid security update
2014-09-03 23:16:08
checkpoint_advisories
checkpoint_advisories
Squid Range Header Denial of Service (CVE-2014-3609)
2014-09-22 00:00:00
ubuntucve
ubuntucve
CVE-2014-3609
2014-08-28 00:00:00
debiancve
debiancve
CVE-2014-3609
2014-09-11 18:55:00
amazon
amazon
Important: squid
2014-09-17 21:47:00
Important: squid
2014-10-22 20:04:00
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.965 High
EPSS
Percentile
99.6%
Related for USN-2327-1