## Releases
* Ubuntu 17.10
* Ubuntu 16.04 ESM
* Ubuntu 14.04 ESM
## Packages
* squid3 \- Web proxy cache server
Mathias Fischer discovered that Squid incorrectly handled certain long
strings in headers. A malicious remote server could possibly cause Squid to
crash, resulting in a denial of service. This issue was only addressed in
Ubuntu 16.04 LTS. (CVE-2016-2569)
William Lima discovered that Squid incorrectly handled XML parsing when
processing Edge Side Includes (ESI). A malicious remote server could
possibly cause Squid to crash, resulting in a denial of service. This issue
was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2570)
Alex Rousskov discovered that Squid incorrectly handled response-parsing
failures. A malicious remote server could possibly cause Squid to crash,
resulting in a denial of service. This issue only applied to Ubuntu 16.04
LTS. (CVE-2016-2571)
Santiago Ruano Rincón discovered that Squid incorrectly handled certain
Vary headers. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. This issue was only
addressed in Ubuntu 16.04 LTS. (CVE-2016-3948)
Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge
Side Includes (ESI) responses. A malicious remote server could possibly
cause Squid to crash, resulting in a denial of service. (CVE-2018-1000024)
Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge
Side Includes (ESI) responses. A malicious remote server could possibly
cause Squid to crash, resulting in a denial of service. (CVE-2018-1000027)
{"nessus": [{"lastseen": "2023-01-13T14:32:15", "description": "Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2569)\n\nWilliam Lima discovered that Squid incorrectly handled XML parsing when processing Edge Side Includes (ESI). A malicious remote server could possibly cause Squid to crash, resulting in a denial of service.\nThis issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2570)\n\nAlex Rousskov discovered that Squid incorrectly handled response-parsing failures. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS. (CVE-2016-2571)\n\nSantiago Ruano Rincon discovered that Squid incorrectly handled certain Vary headers. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-3948)\n\nLouis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service.\n(CVE-2018-1000024)\n\nLouis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service.\n(CVE-2018-1000027).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-06T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : squid3 vulnerabilities (USN-3557-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-3948", "CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:squid3", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:17.10"], "id": "UBUNTU_USN-3557-1.NASL", "href": "https://www.tenable.com/plugins/nessus/106619", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3557-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106619);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-3948\", \"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_xref(name:\"USN\", value:\"3557-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : squid3 vulnerabilities (USN-3557-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Mathias Fischer discovered that Squid incorrectly handled certain long\nstrings in headers. A malicious remote server could possibly cause\nSquid to crash, resulting in a denial of service. This issue was only\naddressed in Ubuntu 16.04 LTS. (CVE-2016-2569)\n\nWilliam Lima discovered that Squid incorrectly handled XML parsing\nwhen processing Edge Side Includes (ESI). A malicious remote server\ncould possibly cause Squid to crash, resulting in a denial of service.\nThis issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2570)\n\nAlex Rousskov discovered that Squid incorrectly handled\nresponse-parsing failures. A malicious remote server could possibly\ncause Squid to crash, resulting in a denial of service. This issue\nonly applied to Ubuntu 16.04 LTS. (CVE-2016-2571)\n\nSantiago Ruano Rincon discovered that Squid incorrectly handled\ncertain Vary headers. A remote attacker could possibly use this issue\nto cause Squid to crash, resulting in a denial of service. This issue\nwas only addressed in Ubuntu 16.04 LTS. (CVE-2016-3948)\n\nLouis Dion-Marcil discovered that Squid incorrectly handled certain\nEdge Side Includes (ESI) responses. A malicious remote server could\npossibly cause Squid to crash, resulting in a denial of service.\n(CVE-2018-1000024)\n\nLouis Dion-Marcil discovered that Squid incorrectly handled certain\nEdge Side Includes (ESI) responses. A malicious remote server could\npossibly cause Squid to crash, resulting in a denial of service.\n(CVE-2018-1000027).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3557-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected squid3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|17\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 17.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"squid3\", pkgver:\"3.3.8-1ubuntu6.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"squid3\", pkgver:\"3.5.12-1ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"squid3\", pkgver:\"3.5.23-5ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:39:05", "description": "The following packages have been upgraded to a newer upstream version:\nsquid (3.5.20).\n\nSecurity Fix(es) :\n\n - Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n - It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n - An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes :", "cvss3": {}, "published": "2016-12-15T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squid on SL7.x x86_64 (20161103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3948"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squid", "p-cpe:/a:fermilab:scientific_linux:squid-debuginfo", "p-cpe:/a:fermilab:scientific_linux:squid-migration-script", "p-cpe:/a:fermilab:scientific_linux:squid-sysvinit", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20161103_SQUID_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/95860", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95860);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3948\");\n\n script_name(english:\"Scientific Linux Security Update : squid on SL7.x x86_64 (20161103)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following packages have been upgraded to a newer upstream version:\nsquid (3.5.20).\n\nSecurity Fix(es) :\n\n - Incorrect boundary checks were found in the way squid\n handled headers in HTTP responses, which could lead to\n an assertion failure. A malicious HTTP server could use\n this flaw to crash squid using a specially crafted HTTP\n response. (CVE-2016-2569, CVE-2016-2570)\n\n - It was found that squid did not properly handle errors\n when failing to parse an HTTP response, possibly leading\n to an assertion failure. A malicious HTTP server could\n use this flaw to crash squid using a specially crafted\n HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n - An incorrect boundary check was found in the way squid\n handled the Vary header in HTTP responses, which could\n lead to an assertion failure. A malicious HTTP server\n could use this flaw to crash squid using a specially\n crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes :\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1612&L=scientific-linux-errata&F=&S=&P=2373\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9fb948f5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-3.5.20-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.5.20-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-2.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:38:57", "description": "An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version:\nsquid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es) :\n\n* Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n* It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n* An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.", "cvss3": {}, "published": "2016-11-28T00:00:00", "type": "nessus", "title": "CentOS 7 : squid (CESA-2016:2600)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3948"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squid", "p-cpe:/a:centos:centos:squid-migration-script", "p-cpe:/a:centos:centos:squid-sysvinit", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2016-2600.NASL", "href": "https://www.tenable.com/plugins/nessus/95346", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2600 and \n# CentOS Errata and Security Advisory 2016:2600 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95346);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3948\");\n script_xref(name:\"RHSA\", value:\"2016:2600\");\n\n script_name(english:\"CentOS 7 : squid (CESA-2016:2600)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version:\nsquid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es) :\n\n* Incorrect boundary checks were found in the way squid handled\nheaders in HTTP responses, which could lead to an assertion failure. A\nmalicious HTTP server could use this flaw to crash squid using a\nspecially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n* It was found that squid did not properly handle errors when failing\nto parse an HTTP response, possibly leading to an assertion failure. A\nmalicious HTTP server could use this flaw to crash squid using a\nspecially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n* An incorrect boundary check was found in the way squid handled the\nVary header in HTTP responses, which could lead to an assertion\nfailure. A malicious HTTP server could use this flaw to crash squid\nusing a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2016-November/003661.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ac10adbf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-2569\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-3.5.20-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-2.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:39:41", "description": "An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version:\nsquid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es) :\n\n* Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n* It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n* An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.", "cvss3": {}, "published": "2016-11-04T00:00:00", "type": "nessus", "title": "RHEL 7 : squid (RHSA-2016:2600)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3948"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid", "p-cpe:/a:redhat:enterprise_linux:squid-debuginfo", "p-cpe:/a:redhat:enterprise_linux:squid-migration-script", "p-cpe:/a:redhat:enterprise_linux:squid-sysvinit", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2016-2600.NASL", "href": "https://www.tenable.com/plugins/nessus/94563", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2600. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94563);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3948\");\n script_xref(name:\"RHSA\", value:\"2016:2600\");\n\n script_name(english:\"RHEL 7 : squid (RHSA-2016:2600)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version:\nsquid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es) :\n\n* Incorrect boundary checks were found in the way squid handled\nheaders in HTTP responses, which could lead to an assertion failure. A\nmalicious HTTP server could use this flaw to crash squid using a\nspecially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n* It was found that squid did not properly handle errors when failing\nto parse an HTTP response, possibly leading to an assertion failure. A\nmalicious HTTP server could use this flaw to crash squid using a\nspecially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n* An incorrect boundary check was found in the way squid handled the\nVary header in HTTP responses, which could lead to an assertion\nfailure. A malicious HTTP server could use this flaw to crash squid\nusing a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2570\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-3948\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2600\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-3.5.20-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-3.5.20-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-debuginfo-3.5.20-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.5.20-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-migration-script-3.5.20-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"squid-sysvinit-3.5.20-2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-2.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-migration-script / squid-sysvinit\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:39:36", "description": "From Red Hat Security Advisory 2016:2600 :\n\nAn update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version:\nsquid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es) :\n\n* Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n* It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n* An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.", "cvss3": {}, "published": "2016-11-11T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : squid (ELSA-2016-2600)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3948"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squid", "p-cpe:/a:oracle:linux:squid-migration-script", "p-cpe:/a:oracle:linux:squid-sysvinit", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2016-2600.NASL", "href": "https://www.tenable.com/plugins/nessus/94719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:2600 and \n# Oracle Linux Security Advisory ELSA-2016-2600 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94719);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3948\");\n script_xref(name:\"RHSA\", value:\"2016:2600\");\n\n script_name(english:\"Oracle Linux 7 : squid (ELSA-2016-2600)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:2600 :\n\nAn update for squid is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nSquid is a high-performance proxy caching server for web clients,\nsupporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version:\nsquid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es) :\n\n* Incorrect boundary checks were found in the way squid handled\nheaders in HTTP responses, which could lead to an assertion failure. A\nmalicious HTTP server could use this flaw to crash squid using a\nspecially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n* It was found that squid did not properly handle errors when failing\nto parse an HTTP response, possibly leading to an assertion failure. A\nmalicious HTTP server could use this flaw to crash squid using a\nspecially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n* An incorrect boundary check was found in the way squid handled the\nVary header in HTTP responses, which could lead to an assertion\nfailure. A malicious HTTP server could use this flaw to crash squid\nusing a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-November/006487.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-3.5.20-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-2.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-2.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:22:52", "description": "According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.(CVE-2016-2569)\n\n - The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.(CVE-2016-2570)\n\n - http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.(CVE-2016-2571)\n\n - http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.(CVE-2016-2572)\n\n - Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.(CVE-2016-3948)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : squid (EulerOS-SA-2016-1056)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3948"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:squid", "p-cpe:/a:huawei:euleros:squid-migration-script", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2016-1056.NASL", "href": "https://www.tenable.com/plugins/nessus/99818", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99818);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-2569\",\n \"CVE-2016-2570\",\n \"CVE-2016-2571\",\n \"CVE-2016-2572\",\n \"CVE-2016-3948\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : squid (EulerOS-SA-2016-1056)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the squid packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not\n properly append data to String objects, which allows\n remote servers to cause a denial of service (assertion\n failure and daemon exit) via a long string, as\n demonstrated by a crafted HTTP Vary\n header.(CVE-2016-2569)\n\n - The Edge Side Includes (ESI) parser in Squid 3.x before\n 3.5.15 and 4.x before 4.0.7 does not check buffer\n limits during XML parsing, which allows remote HTTP\n servers to cause a denial of service (assertion failure\n and daemon exit) via a crafted XML document, related to\n esi/CustomParser.cc and\n esi/CustomParser.h.(CVE-2016-2570)\n\n - http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7\n proceeds with the storage of certain data after a\n response-parsing failure, which allows remote HTTP\n servers to cause a denial of service (assertion failure\n and daemon exit) via a malformed\n response.(CVE-2016-2571)\n\n - http.cc in Squid 4.x before 4.0.7 relies on the HTTP\n status code after a response-parsing failure, which\n allows remote HTTP servers to cause a denial of service\n (assertion failure and daemon exit) via a malformed\n response.(CVE-2016-2572)\n\n - Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly\n perform bounds checking, which allows remote attackers\n to cause a denial of service via a crafted HTTP\n response, related to Vary headers.(CVE-2016-3948)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1056\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?08d2a575\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-2\",\n \"squid-migration-script-3.5.20-2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T16:32:12", "description": "Squid security advisory 2016:2 reports :\n\nDue to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses.\n\nThese problems allow remote servers delivering certain unusual HTTP response syntax to trigger a denial of service for all clients accessing the Squid service.\n\nHTTP responses containing malformed headers that trigger this issue are becoming common. We are not certain at this time if that is a sign of malware or just broken server scripting.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-25T00:00:00", "type": "nessus", "title": "FreeBSD : squid -- remote DoS in HTTP response processing (660ebbf5-daeb-11e5-b2bd-002590263bf5)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:squid", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_660EBBF5DAEB11E5B2BD002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/88944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88944);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\");\n\n script_name(english:\"FreeBSD : squid -- remote DoS in HTTP response processing (660ebbf5-daeb-11e5-b2bd-002590263bf5)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squid security advisory 2016:2 reports :\n\nDue to incorrect bounds checking Squid is vulnerable to a denial of\nservice attack when processing HTTP responses.\n\nThese problems allow remote servers delivering certain unusual HTTP\nresponse syntax to trigger a denial of service for all clients\naccessing the Squid service.\n\nHTTP responses containing malformed headers that trigger this issue\nare becoming common. We are not certain at this time if that is a sign\nof malware or just broken server scripting.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207454\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2016_2.txt\"\n );\n # http://www.openwall.com/lists/oss-security/2016/02/24/12\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2016/02/24/12\"\n );\n # https://vuxml.freebsd.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?241be2f2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"squid<3.5.15\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:39:13", "description": "Versions of Squid 3.5.x prior to 3.5.15 are affected by multiple vulnerabilities :\n\n - A flaw is triggered when performing improper bounds checks on specially crafted HTTP responses. This may allow a remote attacker to cause a denial of service. \n - A flaw is triggered as bounds are not properly checked when processing HTTP responses. This may allow a remote attacker to cause a denial of service for all clients accessing the service.\n - An overflow condition exists in the 'Icmp6::Recv()' function in 'icmp/Icmp6.cc' of the pinger binary. The issue is triggered as user-supplied input is not properly validated when handling specially crafted ICMPv6 packets. This may allow a remote attacker to cause a buffer overflow, crashing the pinger process or potentially leaking data into log files.", "cvss3": {}, "published": "2016-11-11T00:00:00", "type": "nessus", "title": "Squid 3.5.x < 3.5.15 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-3947", "CVE-2016-3948"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*"], "id": "9774.PRM", "href": "https://www.tenable.com/plugins/nnm/9774", "sourceData": "Binary data 9774.prm", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T16:34:26", "description": "According to its banner, the version of Squid running on the remote host is 3.x prior to 3.5.15 or 4.x prior to 4.0.7. It is, therefore, potentially affected by multiple denial of service vulnerabilities :\n\n - A flaw exists due to not properly appending data to String objects. A remote attacker can exploit this, via a crafted HTTP Vary header, to cause an assertion failure and daemon exit, resulting in a denial of service. (CVE-2016-2569)\n\n - A flaw exists in the Edge Side Includes (ESI) parser due to a failure to check buffer limits during XML parsing.\n A remote attacker can exploit this, via a crafted XML document, to cause an assertion failure and daemon exit, resulting in a denial of service. (CVE-2016-2570)\n\n - A flaw exists in http.cc that allows the storage of certain data even after a response-parsing failure. A remote attacker can exploit this, via a malformed server response, to cause an assertion failure and daemon exit, resulting in a denial of service.\n CVE-2016-2571)\n\n - A flaw exists in http.cc due to reliance on the HTTP status code even after a response-parsing failure. A remote attacker can exploit this, via a malformed server response, to cause an assertion failure and daemon exit, resulting in a denial of service.\n (CVE-2016-2572)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.\nFurthermore, the patch released to address these issues does not update the version given in the banner. If the patch has been applied properly, and the service has been restarted, then consider this to be a false positive.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-03-02T00:00:00", "type": "nessus", "title": "Squid 3.x < 3.5.15 / 4.x < 4.0.7 Multiple DoS", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:squid-cache:squid"], "id": "SQUID_4_0_7.NASL", "href": "https://www.tenable.com/plugins/nessus/89080", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89080);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2016-2569\",\n \"CVE-2016-2570\",\n \"CVE-2016-2571\",\n \"CVE-2016-2572\"\n );\n\n script_name(english:\"Squid 3.x < 3.5.15 / 4.x < 4.0.7 Multiple DoS\");\n script_summary(english:\"Checks the version of Squid.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is potentially affected by multiple denial of\nservice vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.5.15 or 4.x prior to 4.0.7. It is, therefore,\npotentially affected by multiple denial of service vulnerabilities :\n\n - A flaw exists due to not properly appending data to\n String objects. A remote attacker can exploit this, via\n a crafted HTTP Vary header, to cause an assertion\n failure and daemon exit, resulting in a denial of\n service. (CVE-2016-2569)\n\n - A flaw exists in the Edge Side Includes (ESI) parser due\n to a failure to check buffer limits during XML parsing.\n A remote attacker can exploit this, via a crafted XML\n document, to cause an assertion failure and daemon exit,\n resulting in a denial of service. (CVE-2016-2570)\n\n - A flaw exists in http.cc that allows the storage of\n certain data even after a response-parsing failure. A\n remote attacker can exploit this, via a malformed\n server response, to cause an assertion failure and\n daemon exit, resulting in a denial of service.\n CVE-2016-2571)\n\n - A flaw exists in http.cc due to reliance on the HTTP\n status code even after a response-parsing failure. A\n remote attacker can exploit this, via a malformed\n server response, to cause an assertion failure and\n daemon exit, resulting in a denial of service.\n (CVE-2016-2572)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\nFurthermore, the patch released to address these issues does not\nupdate the version given in the banner. If the patch has been applied\nproperly, and the service has been restarted, then consider this to be\na false positive.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_2.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Squid version 3.5.15 / 4.0.7 or later. Alternatively, apply\nthe vendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-2572\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/02\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"www/squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp=\"Squid\";\n\n# Build a list of ports from the\nlist = get_kb_list(\"http_proxy/*/squid/version\");\nif (empty_or_null(list)) audit(AUDIT_NOT_INST, app);\n\n# banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nitem = branch(keys(list));\n\nport = ereg_replace(pattern:'^http_proxy/([0-9]+)/squid/version', replace:'\\\\1', string:item);\nversion = list[item];\n\nif(\n version =~ \"^3\\.5([^0-9.]|$)\" ||\n version =~ \"^4\\.0([^0-9.]|$)\"\n) audit(AUDIT_VER_NOT_GRANULAR, app, port, version);\n\nfix = '';\n\nif (\n version =~ \"^3\\.[0-4]\\.\" ||\n version =~ \"^3\\.5\\.([0-9]|1[0-4])([^0-9]|$)\"\n)\n fix = '3.5.15';\nelse if (version =~ \"^4\\.0\\.[0-6]([^0-9]|$)\")\n fix = '4.0.7';\nelse audit(AUDIT_LISTEN_NOT_VULN, app, port, version);\n\nif (!empty_or_null(fix))\n{\n source = get_kb_item('http_proxy/'+port+'/squid/source');\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed versions : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app, port, version);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:49:43", "description": "The Squid Software Foundation Squid HTTP Caching Proxy contains a NULL pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request.(CVE-2018-1000027)\n\nThe Squid Software Foundation Squid HTTP Caching Proxy contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy..\nThis attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.(CVE-2018-1000024)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-20T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : squid (ALAS-2018-1081)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2018-09-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:squid", "p-cpe:/a:amazon:linux:squid-debuginfo", "p-cpe:/a:amazon:linux:squid-migration-script", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1081.NASL", "href": "https://www.tenable.com/plugins/nessus/117605", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1081.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117605);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/09/20 11:29:32\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_xref(name:\"ALAS\", value:\"2018-1081\");\n\n script_name(english:\"Amazon Linux AMI : squid (ALAS-2018-1081)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Squid Software Foundation Squid HTTP Caching Proxy contains a NULL\npointer Dereference vulnerability in HTTP Response X-Forwarded-For\nheader processing that can result in Denial of Service to all clients\nof the proxy. This attack appear to be exploitable via Remote HTTP\nserver responding with an X-Forwarded-For header to certain types of\nHTTP request.(CVE-2018-1000027)\n\nThe Squid Software Foundation Squid HTTP Caching Proxy contains a\nIncorrect Pointer Handling vulnerability in ESI Response Processing\nthat can result in Denial of Service for all clients using the proxy..\nThis attack appear to be exploitable via Remote server delivers an\nHTTP response payload containing valid but unusual ESI\nsyntax.(CVE-2018-1000024)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1081.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update squid' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"squid-3.5.20-11.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"squid-debuginfo-3.5.20-11.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"squid-migration-script-3.5.20-11.35.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-migration-script\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:41:23", "description": "This update for squid fixes the following issues: Security issues fixed :\n\n - CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI responses. This affects the default custom esi_parser (bsc#1077003).\n\n - CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien processing ESI responses or downloading intermediate CA certificates (bsc#1077006).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : squid (SUSE-SU-2018:0636-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid", "p-cpe:/a:novell:suse_linux:squid-debuginfo", "p-cpe:/a:novell:suse_linux:squid-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-0636-1.NASL", "href": "https://www.tenable.com/plugins/nessus/107252", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0636-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(107252);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n\n script_name(english:\"SUSE SLES12 Security Update : squid (SUSE-SU-2018:0636-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid fixes the following issues: Security issues\nfixed :\n\n - CVE-2018-1000024: DoS fix caused by incorrect pointer\n handling when processing ESI responses. This affects the\n default custom esi_parser (bsc#1077003).\n\n - CVE-2018-1000027: DoS fix caused by incorrect pointer\n handing whien processing ESI responses or downloading\n intermediate CA certificates (bsc#1077006).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000024/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000027/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180636-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c4bed45\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2018-428=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-428=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-428=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"squid-3.5.21-26.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"squid-debuginfo-3.5.21-26.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"squid-debugsource-3.5.21-26.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"squid-3.5.21-26.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"squid-debuginfo-3.5.21-26.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"squid-debugsource-3.5.21-26.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:43:08", "description": "This update for squid fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI responses. This affects the default custom esi_parser (bsc#1077003).\n\n - CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien processing ESI responses or downloading intermediate CA certificates (bsc#1077006).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : squid (openSUSE-2018-238)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-238.NASL", "href": "https://www.tenable.com/plugins/nessus/107245", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-238.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107245);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-2018-238)\");\n script_summary(english:\"Check for the openSUSE-2018-238 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-1000024: DoS fix caused by incorrect pointer\n handling when processing ESI responses. This affects the\n default custom esi_parser (bsc#1077003).\n\n - CVE-2018-1000027: DoS fix caused by incorrect pointer\n handing whien processing ESI responses or downloading\n intermediate CA certificates (bsc#1077006).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1077003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1077006\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"squid-3.5.21-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"squid-debuginfo-3.5.21-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"squid-debugsource-3.5.21-12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:41:52", "description": "Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with ESI response processing and intermediate CA certificate downloading.\n\nCVE-2018-1000024\n\nIncorrect pointer handling resulted in the ability of a remote server to return a crafted ESI response which could trigger a denial of service for all clients accessing the Squid service. This issue affects the Squid custom ESI parser. \n\nCVE-2018-1000027\n\nIncorrect pointer handling resulted in the possibility of a remote client delivering certain HTTP requests in conjunction with certain trusted server reponses involving the processing of ESI responses or downloading of intermediate CA certificates to trigger a denial of service for all clients accessing the squid service.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 3.1.20-2.2+deb7u8.\n\nWe recommend that you upgrade your squid3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-05T00:00:00", "type": "nessus", "title": "Debian DLA-1266-1 : squid3 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid-cgi", "p-cpe:/a:debian:debian_linux:squid3", "p-cpe:/a:debian:debian_linux:squid3-common", "p-cpe:/a:debian:debian_linux:squid3-dbg", "p-cpe:/a:debian:debian_linux:squidclient", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-1266.NASL", "href": "https://www.tenable.com/plugins/nessus/106589", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1266-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106589);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n\n script_name(english:\"Debian DLA-1266-1 : squid3 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squid, a high-performance proxy caching server for web clients, has\nbeen found vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\nCVE-2018-1000024\n\nIncorrect pointer handling resulted in the ability of a remote server\nto return a crafted ESI response which could trigger a denial of\nservice for all clients accessing the Squid service. This issue\naffects the Squid custom ESI parser. \n\nCVE-2018-1000027\n\nIncorrect pointer handling resulted in the possibility of a remote\nclient delivering certain HTTP requests in conjunction with certain\ntrusted server reponses involving the processing of ESI responses or\ndownloading of intermediate CA certificates to trigger a denial of\nservice for all clients accessing the squid service.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.1.20-2.2+deb7u8.\n\nWe recommend that you upgrade your squid3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/squid3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squidclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"squid-cgi\", reference:\"3.1.20-2.2+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3\", reference:\"3.1.20-2.2+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3-common\", reference:\"3.1.20-2.2+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3-dbg\", reference:\"3.1.20-2.2+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squidclient\", reference:\"3.1.20-2.2+deb7u8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:46:25", "description": "According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax..(CVE-2018-1000024)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. (CVE-2018-1000027)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : squid (EulerOS-SA-2018-1075)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:squid", "p-cpe:/a:huawei:euleros:squid-migration-script", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1075.NASL", "href": "https://www.tenable.com/plugins/nessus/109473", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109473);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1000024\",\n \"CVE-2018-1000027\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : squid (EulerOS-SA-2018-1075)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the squid packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The Squid Software Foundation Squid HTTP Caching Proxy\n version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a\n Incorrect Pointer Handling vulnerability in ESI\n Response Processing that can result in Denial of\n Service for all clients using the proxy.. This attack\n appear to be exploitable via Remote server delivers an\n HTTP response payload containing valid but unusual ESI\n syntax..(CVE-2018-1000024)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy\n version prior to version 4.0.23 contains a NULL Pointer\n Dereference vulnerability in HTTP Response\n X-Forwarded-For header processing that can result in\n Denial of Service to all clients of the proxy. This\n attack appear to be exploitable via Remote HTTP server\n responding with an X-Forwarded-For header to certain\n types of HTTP request. (CVE-2018-1000027)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1075\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?19f7dd83\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-2.2.h2\",\n \"squid-migration-script-3.5.20-2.2.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:46:11", "description": "According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax..(CVE-2018-1000024)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. (CVE-2018-1000027)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : squid (EulerOS-SA-2018-1074)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:squid", "p-cpe:/a:huawei:euleros:squid-migration-script", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1074.NASL", "href": "https://www.tenable.com/plugins/nessus/109472", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109472);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1000024\",\n \"CVE-2018-1000027\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : squid (EulerOS-SA-2018-1074)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the squid packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The Squid Software Foundation Squid HTTP Caching Proxy\n version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a\n Incorrect Pointer Handling vulnerability in ESI\n Response Processing that can result in Denial of\n Service for all clients using the proxy.. This attack\n appear to be exploitable via Remote server delivers an\n HTTP response payload containing valid but unusual ESI\n syntax..(CVE-2018-1000024)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy\n version prior to version 4.0.23 contains a NULL Pointer\n Dereference vulnerability in HTTP Response\n X-Forwarded-For header processing that can result in\n Denial of Service to all clients of the proxy. This\n attack appear to be exploitable via Remote HTTP server\n responding with an X-Forwarded-For header to certain\n types of HTTP request. (CVE-2018-1000027)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1074\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c6dc4d9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"squid-3.5.20-2.2.h2\",\n \"squid-migration-script-3.5.20-2.2.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:39:43", "description": "Louis Dion-Marcil reports :\n\nDue to incorrect pointer handling Squid is vulnerable to denial of service attack when processing ESI responses.\n\nThis problem allows a remote server delivering certain ESI response syntax to trigger a denial of service for all clients accessing the Squid service.\n\nDue to unrelated changes Squid-3.5 has become vulnerable to some regular ESI server responses also triggering this issue.\n\nThis problem is limited to the Squid custom ESI parser. Squid built to use libxml2 or libexpat XML parsers do not have this problem.\n\nDue to incorrect pointer handling Squid is vulnerable to denial of service attack when processing ESI responses or downloading intermediate CA certificates.\n\nThis problem allows a remote client delivering certain HTTP requests in conjunction with certain trusted server responses to trigger a denial of service for all clients accessing the Squid service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-26T00:00:00", "type": "nessus", "title": "FreeBSD : squid -- Vulnerable to Denial of Service attack (d5b6d151-1887-11e8-94f7-9c5c8e75236a)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:squid", "p-cpe:/a:freebsd:freebsd:squid-devel", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_D5B6D151188711E894F79C5C8E75236A.NASL", "href": "https://www.tenable.com/plugins/nessus/106995", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106995);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:47\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_xref(name:\"DSA\", value:\"4122\");\n\n script_name(english:\"FreeBSD : squid -- Vulnerable to Denial of Service attack (d5b6d151-1887-11e8-94f7-9c5c8e75236a)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Louis Dion-Marcil reports :\n\nDue to incorrect pointer handling Squid is vulnerable to denial of\nservice attack when processing ESI responses.\n\nThis problem allows a remote server delivering certain ESI response\nsyntax to trigger a denial of service for all clients accessing the\nSquid service.\n\nDue to unrelated changes Squid-3.5 has become vulnerable to some\nregular ESI server responses also triggering this issue.\n\nThis problem is limited to the Squid custom ESI parser. Squid built to\nuse libxml2 or libexpat XML parsers do not have this problem.\n\nDue to incorrect pointer handling Squid is vulnerable to denial of\nservice attack when processing ESI responses or downloading\nintermediate CA certificates.\n\nThis problem allows a remote client delivering certain HTTP requests\nin conjunction with certain trusted server responses to trigger a\ndenial of service for all clients accessing the Squid service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2018_1.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2018_2.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=226138\"\n );\n # https://vuxml.freebsd.org/freebsd/d5b6d151-1887-11e8-94f7-9c5c8e75236a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e6701d7d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"squid<3.5.27_3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"squid-devel<4.0.23\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:53:35", "description": "According to its banner, the version of Squid running on the remote host is 3.x prior to 3.5.28, or 4.x prior to 4.0.23. It is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability exists in the ESI response processing component due to incorrect pointer handling.\n A remote attacker controlled server can exploit this issue, via a crafted ESI response, to cause a denial of service for all clients accessing the Squid service (CVE-2018-1000024)\n\n - A denial of service (DoS) vulnerability exists in the HTTP message processing component due to incorrect pointer handling.\n An unauthenticated remote attacker can exploit this issue, via a crafted HTTP request, to cause a denial of service for all clients accessing the Squid service (CVE-2018-1000027)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-17T00:00:00", "type": "nessus", "title": "Squid 3.x < 3.5.28 / 4.x < 4.0.23 Multiple Denial of Service Vulnerabilities (SQUID-2018:1) (SQUID-2018:2)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2019-10-31T00:00:00", "cpe": ["cpe:/a:squid-cache:squid"], "id": "SQUID_2018_2.NASL", "href": "https://www.tenable.com/plugins/nessus/119724", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119724);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n\n script_name(english:\"Squid 3.x < 3.5.28 / 4.x < 4.0.23 Multiple Denial of Service Vulnerabilities (SQUID-2018:1) (SQUID-2018:2)\");\n script_summary(english:\"Checks the version of Squid.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Squid running on the remote\nhost is 3.x prior to 3.5.28, or 4.x prior to 4.0.23. It\nis, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability exists in the ESI\n response processing component due to incorrect pointer handling.\n A remote attacker controlled server can exploit this issue, via a\n crafted ESI response, to cause a denial of service for all\n clients accessing the Squid service (CVE-2018-1000024)\n\n - A denial of service (DoS) vulnerability exists in the HTTP\n message processing component due to incorrect pointer handling.\n An unauthenticated remote attacker can exploit this issue, via a\n crafted HTTP request, to cause a denial of service for all\n clients accessing the Squid service (CVE-2018-1000027)\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2018_1.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squid-cache.org/Advisories/SQUID-2018_2.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Squid version 3.5.28 or 4.0.23 or later. Alternatively,\napply the vendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000024\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/17\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squid-cache:squid\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"squid_version.nasl\");\n script_require_keys(\"installed_sw/Squid\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/http_proxy\", 3128, 8080);\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"http.inc\");\n\napp = \"Squid\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:3128);\n\napp_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);\n\n# Affected versions: Squid 3.x -> 3.5.27\n# Squid 4.x -> 4.0.22\n# Fixed in version: Squid 3.5.28, 4.0.23\nconstraints = [\n {\"min_version\":\"3.0\", \"fixed_version\":\"3.5.28\"},\n {\"min_version\":\"4.0\", \"fixed_version\":\"4.0.23\"}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:43:58", "description": "This update for squid3 fixes the following issues: Security issues fixed :\n\n - CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI responses. This affects the default custom esi_parser (bsc#1077003).\n\n - CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien processing ESI responses or downloading intermediate CA certificates (bsc#1077006).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-22T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : squid3 (SUSE-SU-2018:0752-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-0752-1.NASL", "href": "https://www.tenable.com/plugins/nessus/108528", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0752-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108528);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n\n script_name(english:\"SUSE SLES11 Security Update : squid3 (SUSE-SU-2018:0752-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid3 fixes the following issues: Security issues\nfixed :\n\n - CVE-2018-1000024: DoS fix caused by incorrect pointer\n handling when processing ESI responses. This affects the\n default custom esi_parser (bsc#1077003).\n\n - CVE-2018-1000027: DoS fix caused by incorrect pointer\n handing whien processing ESI responses or downloading\n intermediate CA certificates (bsc#1077006).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000024/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000027/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180752-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9505a3da\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-squid3-13521=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-squid3-13521=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"squid3-3.1.23-8.16.37.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:40:02", "description": "Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache. The Common Vulnerabilities and Exposures project identifies the following issues :\n\n - CVE-2018-1000024 Louis Dion-Marcil discovered that Squid does not properly handle processing of certain ESI responses. A remote server delivering certain ESI response syntax can take advantage of this flaw to cause a denial of service for all clients accessing the Squid service. This problem is limited to the Squid custom ESI parser.\n\n - CVE-2018-1000027 Louis Dion-Marcil discovered that Squid is prone to a denial of service vulnerability when processing ESI responses or downloading intermediate CA certificates. A remote attacker can take advantage of this flaw to cause a denial of service for all clients accessing the Squid service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-23T00:00:00", "type": "nessus", "title": "Debian DSA-4122-1 : squid3 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid3", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4122.NASL", "href": "https://www.tenable.com/plugins/nessus/106957", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4122. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106957);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/11/13 12:30:46\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_xref(name:\"DSA\", value:\"4122\");\n\n script_name(english:\"Debian DSA-4122-1 : squid3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Squid3, a fully\nfeatured web proxy cache. The Common Vulnerabilities and Exposures\nproject identifies the following issues :\n\n - CVE-2018-1000024\n Louis Dion-Marcil discovered that Squid does not\n properly handle processing of certain ESI responses. A\n remote server delivering certain ESI response syntax can\n take advantage of this flaw to cause a denial of service\n for all clients accessing the Squid service. This\n problem is limited to the Squid custom ESI parser.\n\n - CVE-2018-1000027\n Louis Dion-Marcil discovered that Squid is prone to a\n denial of service vulnerability when processing ESI\n responses or downloading intermediate CA certificates. A\n remote attacker can take advantage of this flaw to cause\n a denial of service for all clients accessing the Squid\n service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888720\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-1000024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-1000027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/squid3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/squid3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/squid3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4122\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the squid3 packages.\n\nFor the oldstable distribution (jessie), these problems have been\nfixed in version 3.4.8-6+deb8u5.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 3.5.23-5+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"squid-cgi\", reference:\"3.4.8-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid-purge\", reference:\"3.4.8-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3\", reference:\"3.4.8-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3-common\", reference:\"3.4.8-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3-dbg\", reference:\"3.4.8-6+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squidclient\", reference:\"3.4.8-6+deb8u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"squid\", reference:\"3.5.23-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"squid-cgi\", reference:\"3.5.23-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"squid-common\", reference:\"3.5.23-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"squid-dbg\", reference:\"3.5.23-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"squid-purge\", reference:\"3.5.23-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"squid3\", reference:\"3.5.23-5+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"squidclient\", reference:\"3.5.23-5+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-25T14:33:10", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1068 advisory.\n\n - squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service (CVE-2018-1000024)\n\n - squid: Incorrect pointer handling in HTTP processing and certificate download can lead to denial of service (CVE-2018-1000027)\n\n - squid: XSS via user_name or auth parameter in cachemgr.cgi (CVE-2019-13345)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-10T00:00:00", "type": "nessus", "title": "CentOS 7 : squid (CESA-2020:1068)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-13345"], "modified": "2020-06-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squid", "p-cpe:/a:centos:centos:squid-migration-script", "p-cpe:/a:centos:centos:squid-sysvinit", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-1068.NASL", "href": "https://www.tenable.com/plugins/nessus/135330", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:1068 and \n# CentOS Errata and Security Advisory 2020:1068 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135330);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\", \"CVE-2019-13345\");\n script_xref(name:\"RHSA\", value:\"2020:1068\");\n\n script_name(english:\"CentOS 7 : squid (CESA-2020:1068)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1068 advisory.\n\n - squid: Incorrect pointer handling when processing ESI\n Responses can lead to denial of service\n (CVE-2018-1000024)\n\n - squid: Incorrect pointer handling in HTTP processing and\n certificate download can lead to denial of service\n (CVE-2018-1000027)\n\n - squid: XSS via user_name or auth parameter in\n cachemgr.cgi (CVE-2019-13345)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2020-April/012611.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ed2e8847\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13345\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-3.5.20-15.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-15.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-15.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T14:36:02", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1068 advisory.\n\n - squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service (CVE-2018-1000024)\n\n - squid: Incorrect pointer handling in HTTP processing and certificate download can lead to denial of service (CVE-2018-1000027)\n\n - squid: XSS via user_name or auth parameter in cachemgr.cgi (CVE-2019-13345)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-01T00:00:00", "type": "nessus", "title": "RHEL 7 : squid (RHSA-2020:1068)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-13345"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:squid:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:squid-sysvinit:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:squid-migration-script:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-1068.NASL", "href": "https://www.tenable.com/plugins/nessus/135061", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1068. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135061);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\", \"CVE-2019-13345\");\n script_bugtraq_id(109095);\n script_xref(name:\"RHSA\", value:\"2020:1068\");\n\n script_name(english:\"RHEL 7 : squid (RHSA-2020:1068)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1068 advisory.\n\n - squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service\n (CVE-2018-1000024)\n\n - squid: Incorrect pointer handling in HTTP processing and certificate download can lead to denial of\n service (CVE-2018-1000027)\n\n - squid: XSS via user_name or auth parameter in cachemgr.cgi (CVE-2019-13345)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-1000024\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-1000027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-13345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1536939\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1536942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1727744\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected squid, squid-migration-script and / or squid-sysvinit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 79, 117);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'squid-3.5.20-15.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'7'},\n {'reference':'squid-3.5.20-15.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'7'},\n {'reference':'squid-migration-script-3.5.20-15.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'7'},\n {'reference':'squid-migration-script-3.5.20-15.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'7'},\n {'reference':'squid-sysvinit-3.5.20-15.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'7'},\n {'reference':'squid-sysvinit-3.5.20-15.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'7'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'squid / squid-migration-script / squid-sysvinit');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-25T14:33:16", "description": "* squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service * squid: Incorrect pointer handling in HTTP processing and certificate download can lead to denial of service\n\n* squid: XSS via user_name or auth parameter in cachemgr.cgi", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squid on SL7.x x86_64 (20200407)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-13345"], "modified": "2020-04-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squid", "p-cpe:/a:fermilab:scientific_linux:squid-debuginfo", "p-cpe:/a:fermilab:scientific_linux:squid-migration-script", "p-cpe:/a:fermilab:scientific_linux:squid-sysvinit", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200407_SQUID_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/135837", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135837);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/24\");\n\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\", \"CVE-2019-13345\");\n\n script_name(english:\"Scientific Linux Security Update : squid on SL7.x x86_64 (20200407)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* squid: Incorrect pointer handling when processing ESI Responses can\nlead to denial of service * squid: Incorrect pointer handling in HTTP\nprocessing and certificate download can lead to denial of service\n\n* squid: XSS via user_name or auth parameter in cachemgr.cgi\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2004&L=SCIENTIFIC-LINUX-ERRATA&P=15203\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?785a90e4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13345\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-migration-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squid-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-3.5.20-15.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-debuginfo-3.5.20-15.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-migration-script-3.5.20-15.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"squid-sysvinit-3.5.20-15.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-migration-script / squid-sysvinit\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:40:07", "description": "Bugfix + security update\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-07T00:00:00", "type": "nessus", "title": "Fedora 27 : 7:squid (2018-4fabf63492)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:7:squid", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-4FABF63492.NASL", "href": "https://www.tenable.com/plugins/nessus/106635", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-4fabf63492.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106635);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-1000024\");\n script_xref(name:\"FEDORA\", value:\"2018-4fabf63492\");\n\n script_name(english:\"Fedora 27 : 7:squid (2018-4fabf63492)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Bugfix + security update\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-4fabf63492\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 7:squid package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:7:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"squid-4.0.23-2.fc27\", epoch:\"7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"7:squid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:40:00", "description": "Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with ESI response processing and intermediate CA certificate downloading.\n\nCVE-2018-1000027\n\nIncorrect pointer handling resulted in the possibility of a remote client delivering certain HTTP requests in conjunction with certain trusted server reponses involving the processing of ESI responses or downloading of intermediate CA certificates to trigger a denial of service for all clients accessing the squid service.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 2.7.STABLE9-4.1+deb7u3.\n\nWe recommend that you upgrade your squid packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-05T00:00:00", "type": "nessus", "title": "Debian DLA-1267-1 : squid security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid", "p-cpe:/a:debian:debian_linux:squid-common", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-1267.NASL", "href": "https://www.tenable.com/plugins/nessus/106590", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1267-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106590);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-1000027\");\n\n script_name(english:\"Debian DLA-1267-1 : squid security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squid, a high-performance proxy caching server for web clients, has\nbeen found vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\nCVE-2018-1000027\n\nIncorrect pointer handling resulted in the possibility of a remote\nclient delivering certain HTTP requests in conjunction with certain\ntrusted server reponses involving the processing of ESI responses or\ndownloading of intermediate CA certificates to trigger a denial of\nservice for all clients accessing the squid service.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n2.7.STABLE9-4.1+deb7u3.\n\nWe recommend that you upgrade your squid packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/02/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/squid\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected squid, and squid-common packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"squid\", reference:\"2.7.STABLE9-4.1+deb7u3\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid-common\", reference:\"2.7.STABLE9-4.1+deb7u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-17T14:22:38", "description": "Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556\n\n----\n\nSecurity fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054\n\n----\n\nSecurity fix for CVE-2016-3947 and CVE-2016-3948\n\n----\n\nSecurity fix for CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-15T00:00:00", "type": "nessus", "title": "Fedora 23 : 7:squid (2016-b3b9407940)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:7:squid", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-B3B9407940.NASL", "href": "https://www.tenable.com/plugins/nessus/92285", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-b3b9407940.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92285);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_xref(name:\"FEDORA\", value:\"2016-b3b9407940\");\n\n script_name(english:\"Fedora 23 : 7:squid (2016-b3b9407940)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555,\nCVE-2016-4556\n\n----\n\nSecurity fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053,\nCVE-2016-4054\n\n----\n\nSecurity fix for CVE-2016-3947 and CVE-2016-3948\n\n----\n\nSecurity fix for CVE-2016-2569 CVE-2016-2570 CVE-2016-2571\nCVE-2016-2572\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3b9407940\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 7:squid package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:7:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"squid-3.5.10-4.fc23\", epoch:\"7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"7:squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:32:01", "description": "The backported patch to solve CVE-2016-2569 yielded to failed assertions that made squid3 to crash when closing connections. The fix for this CVE strongly relies on exception handling present in more recent versions of squid3, that I failed to identify in the previous update. I have reverted the patch to take the safest position, taking into account that Squeeze users should migrate to a supported version of Debian. This post-EOL update is intended to keep a functional squid3 package in the archive.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-03-01T00:00:00", "type": "nessus", "title": "Debian DLA-445-2 : squid3 regression update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid-cgi", "p-cpe:/a:debian:debian_linux:squid3", "p-cpe:/a:debian:debian_linux:squid3-common", "p-cpe:/a:debian:debian_linux:squid3-dbg", "p-cpe:/a:debian:debian_linux:squidclient", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-445.NASL", "href": "https://www.tenable.com/plugins/nessus/89045", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-445-2. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89045);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2569\");\n\n script_name(english:\"Debian DLA-445-2 : squid3 regression update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The backported patch to solve CVE-2016-2569 yielded to failed\nassertions that made squid3 to crash when closing connections. The fix\nfor this CVE strongly relies on exception handling present in more\nrecent versions of squid3, that I failed to identify in the previous\nupdate. I have reverted the patch to take the safest position, taking\ninto account that Squeeze users should migrate to a supported version\nof Debian. This post-EOL update is intended to keep a functional\nsquid3 package in the archive.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/03/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/squid3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squidclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"squid-cgi\", reference:\"3.1.6-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squid3\", reference:\"3.1.6-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squid3-common\", reference:\"3.1.6-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squid3-dbg\", reference:\"3.1.6-1.2+squeeze7\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"squidclient\", reference:\"3.1.6-1.2+squeeze7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-10T14:54:30", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has squid packages installed that are affected by multiple vulnerabilities:\n\n - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow. (CVE-2019-12519)\n\n - An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials). (CVE-2020-11945)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later. (CVE-2018-1000024)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later. (CVE-2018-1000027)\n\n - An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1. (CVE-2019-12525)\n\n - The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.\n (CVE-2019-13345)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : squid Multiple Vulnerabilities (NS-SA-2020-0060)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-12519", "CVE-2019-12525", "CVE-2019-13345", "CVE-2020-11945"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0060_SQUID.NASL", "href": "https://www.tenable.com/plugins/nessus/143907", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0060. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143907);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\n \"CVE-2018-1000024\",\n \"CVE-2018-1000027\",\n \"CVE-2019-12519\",\n \"CVE-2019-12525\",\n \"CVE-2019-13345\",\n \"CVE-2020-11945\"\n );\n script_bugtraq_id(109095, 109382);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : squid Multiple Vulnerabilities (NS-SA-2020-0060)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has squid packages installed that are affected by\nmultiple vulnerabilities:\n\n - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid\n calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's\n being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a\n new member to the stack. When adding a new member, there is no check to ensure that the stack won't\n overflow. (CVE-2019-12519)\n\n - An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest\n Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the\n attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if\n the pooled token credentials are freed (instead of replayed as valid credentials). (CVE-2020-11945)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a\n Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service\n for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP\n response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed\n in 4.0.23 and later. (CVE-2018-1000024)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL\n Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in\n Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server\n responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to\n have been fixed in 4.0.23 and later. (CVE-2018-1000027)\n\n - An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use\n Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as\n domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it\n performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote\n (which would satisfy its requirements), leading to a memcpy of its length minus 1. (CVE-2019-12525)\n\n - The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.\n (CVE-2019-13345)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0060\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL squid packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11945\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'squid-3.5.20-15.el7_8.1',\n 'squid-debuginfo-3.5.20-15.el7_8.1',\n 'squid-migration-script-3.5.20-15.el7_8.1',\n 'squid-sysvinit-3.5.20-15.el7_8.1'\n ],\n 'CGSL MAIN 5.04': [\n 'squid-3.5.20-15.el7_8.1',\n 'squid-debuginfo-3.5.20-15.el7_8.1',\n 'squid-migration-script-3.5.20-15.el7_8.1',\n 'squid-sysvinit-3.5.20-15.el7_8.1'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'squid');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:55:21", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has squid packages installed that are affected by multiple vulnerabilities:\n\n - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow. (CVE-2019-12519)\n\n - An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials). (CVE-2020-11945)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later. (CVE-2018-1000024)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later. (CVE-2018-1000027)\n\n - An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1. (CVE-2019-12525)\n\n - The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.\n (CVE-2019-13345)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : squid Multiple Vulnerabilities (NS-SA-2020-0090)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-12519", "CVE-2019-12525", "CVE-2019-13345", "CVE-2020-11945"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0090_SQUID.NASL", "href": "https://www.tenable.com/plugins/nessus/143989", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0090. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143989);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\n \"CVE-2018-1000024\",\n \"CVE-2018-1000027\",\n \"CVE-2019-12519\",\n \"CVE-2019-12525\",\n \"CVE-2019-13345\",\n \"CVE-2020-11945\"\n );\n script_bugtraq_id(109095, 109382);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : squid Multiple Vulnerabilities (NS-SA-2020-0090)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has squid packages installed that are affected by\nmultiple vulnerabilities:\n\n - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid\n calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's\n being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a\n new member to the stack. When adding a new member, there is no check to ensure that the stack won't\n overflow. (CVE-2019-12519)\n\n - An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest\n Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the\n attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if\n the pooled token credentials are freed (instead of replayed as valid credentials). (CVE-2020-11945)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a\n Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service\n for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP\n response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed\n in 4.0.23 and later. (CVE-2018-1000024)\n\n - The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL\n Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in\n Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server\n responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to\n have been fixed in 4.0.23 and later. (CVE-2018-1000027)\n\n - An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use\n Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as\n domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it\n performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote\n (which would satisfy its requirements), leading to a memcpy of its length minus 1. (CVE-2019-12525)\n\n - The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.\n (CVE-2019-13345)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0090\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL squid packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11945\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'squid-3.5.20-15.el7_8.1',\n 'squid-debuginfo-3.5.20-15.el7_8.1',\n 'squid-migration-script-3.5.20-15.el7_8.1',\n 'squid-sysvinit-3.5.20-15.el7_8.1'\n ],\n 'CGSL MAIN 5.05': [\n 'squid-3.5.20-15.el7_8.1',\n 'squid-debuginfo-3.5.20-15.el7_8.1',\n 'squid-migration-script-3.5.20-15.el7_8.1',\n 'squid-sysvinit-3.5.20-15.el7_8.1'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'squid');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-17T14:22:24", "description": "The remote host is affected by the vulnerability described in GLSA-201607-01 (Squid: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details.\n Impact :\n\n An attacker can possibly execute arbitrary code or create a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-11T00:00:00", "type": "nessus", "title": "GLSA-201607-01 : Squid: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-6270", "CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:squid", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201607-01.NASL", "href": "https://www.tenable.com/plugins/nessus/91982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201607-01.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91982);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-6270\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_xref(name:\"GLSA\", value:\"201607-01\");\n\n script_name(english:\"GLSA-201607-01 : Squid: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201607-01\n(Squid: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Squid. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n An attacker can possibly execute arbitrary code or create a Denial of\n Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201607-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Squid users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-proxy/squid-3.5.19'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-proxy/squid\", unaffected:make_list(\"ge 3.5.19\"), vulnerable:make_list(\"lt 3.5.19\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:34:06", "description": "Alex Rousskov from The Measurement Factory discovered that Squid3, a fully featured web proxy cache, does not properly handle errors for certain malformed HTTP responses. A remote HTTP server can exploit this flaw to cause a denial of service (assertion failure and daemon exit).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-03-21T00:00:00", "type": "nessus", "title": "Debian DSA-3522-1 : squid3 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2571"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid3", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3522.NASL", "href": "https://www.tenable.com/plugins/nessus/90033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3522. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90033);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2571\");\n script_xref(name:\"DSA\", value:\"3522\");\n\n script_name(english:\"Debian DSA-3522-1 : squid3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alex Rousskov from The Measurement Factory discovered that Squid3, a\nfully featured web proxy cache, does not properly handle errors for\ncertain malformed HTTP responses. A remote HTTP server can exploit\nthis flaw to cause a denial of service (assertion failure and daemon\nexit).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/squid3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/squid3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3522\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the squid3 packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 3.1.20-2.2+deb7u4.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"squid-cgi\", reference:\"3.1.20-2.2+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3\", reference:\"3.1.20-2.2+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3-common\", reference:\"3.1.20-2.2+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squid3-dbg\", reference:\"3.1.20-2.2+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"squidclient\", reference:\"3.1.20-2.2+deb7u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid-cgi\", reference:\"3.4.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid-purge\", reference:\"3.4.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3\", reference:\"3.4.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3-common\", reference:\"3.4.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squid3-dbg\", reference:\"3.4.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squidclient\", reference:\"3.4.8-6+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-15T14:12:31", "description": "The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues :\n\n - Fixed multiple Denial of Service issues in HTTP Response processing. (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393, bsc#968394, bsc#968395)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. (bsc#973782)\n\n - CVE-2015-5400: Improper protection of alternate path.\n (bsc#938715)\n\n - CVE-2015-3455: Squid http proxy configured with client-first SSL bumping did not correctly validate server certificate. (bsc#929493)\n\n - CVE-2016-3948: Fixed denial of service in HTTP Response processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054: Fixed multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4553: Fixed cache poisoning issue in HTTP Request handling (bsc#979009)\n\n - CVE-2016-4554: Fixed header smuggling issue in HTTP Request processing (bsc#979010)\n\n - Fixed multiple Denial of Service issues in ESI Response processing. (CVE-2016-4555, CVE-2016-4556, bsc#979011, bsc#979008)\n\nAdditionally, the following non-security issues have been fixed :\n\n - Fix header size in script unsquid.pl. (bsc#902197)\n\n - Add external helper ext_session_acl to package.\n (bsc#959290)\n\n - Update forward_max_tries to permit 25 server paths With cloud sites becoming more popular more CDN servers are producing long lists of IPv6 and IPv4 addresses. If there are not enough paths selected the IPv4 ones may never be reached.\n\n - squid.init: wait that squid really dies when we kill it on upgrade instead of proclaiming its demise prematurely (bnc#963539)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-08-17T00:00:00", "type": "nessus", "title": "openSUSE Security Update : squid (openSUSE-2016-988)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3455", "CVE-2015-5400", "CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squid", "p-cpe:/a:novell:opensuse:squid-debuginfo", "p-cpe:/a:novell:opensuse:squid-debugsource", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-988.NASL", "href": "https://www.tenable.com/plugins/nessus/92994", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-988.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92994);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-3455\", \"CVE-2015-5400\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n\n script_name(english:\"openSUSE Security Update : squid (openSUSE-2016-988)\");\n script_summary(english:\"Check for the openSUSE-2016-988 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Squid HTTP proxy has been updated to version 3.3.14, fixing the\nfollowing security issues :\n\n - Fixed multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2015-5400: Improper protection of alternate path.\n (bsc#938715)\n\n - CVE-2015-3455: Squid http proxy configured with\n client-first SSL bumping did not correctly validate\n server certificate. (bsc#929493)\n\n - CVE-2016-3948: Fixed denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054: Fixed\n multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4553: Fixed cache poisoning issue in HTTP\n Request handling (bsc#979009)\n\n - CVE-2016-4554: Fixed header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - Fixed multiple Denial of Service issues in ESI Response\n processing. (CVE-2016-4555, CVE-2016-4556, bsc#979011,\n bsc#979008)\n\nAdditionally, the following non-security issues have been fixed :\n\n - Fix header size in script unsquid.pl. (bsc#902197)\n\n - Add external helper ext_session_acl to package.\n (bsc#959290)\n\n - Update forward_max_tries to permit 25 server paths With\n cloud sites becoming more popular more CDN servers are\n producing long lists of IPv6 and IPv4 addresses. If\n there are not enough paths selected the IPv4 ones may\n never be reached.\n\n - squid.init: wait that squid really dies when we kill it\n on upgrade instead of proclaiming its demise prematurely\n (bnc#963539)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=929493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=938715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=973782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=973783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=979008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=979009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=979010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=979011\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-3.3.14-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-debuginfo-3.3.14-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"squid-debugsource-3.3.14-6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo / squid-debugsource\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-05T17:17:38", "description": "The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues :\n\n - Fixed multiple Denial of Service issues in HTTP Response processing. (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393, bsc#968394, bsc#968395)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. (bsc#973782)\n\n - CVE-2015-5400: Improper protection of alternate path.\n (bsc#938715)\n\n - CVE-2015-3455: Squid http proxy configured with client-first SSL bumping did not correctly validate server certificate. (bsc#929493)\n\n - CVE-2016-3948: Fixed denial of service in HTTP Response processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054: Fixed multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4553: Fixed cache poisoning issue in HTTP Request handling (bsc#979009)\n\n - CVE-2016-4554: Fixed header smuggling issue in HTTP Request processing (bsc#979010)\n\n - Fixed multiple Denial of Service issues in ESI Response processing. (CVE-2016-4555, CVE-2016-4556, bsc#979011, bsc#979008)\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : squid (SUSE-SU-2016:2008-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3455", "CVE-2015-5400", "CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid", "p-cpe:/a:novell:suse_linux:squid-debuginfo", "p-cpe:/a:novell:suse_linux:squid-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2008-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93279", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2008-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93279);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-3455\", \"CVE-2015-5400\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_bugtraq_id(74438);\n\n script_name(english:\"SUSE SLES12 Security Update : squid (SUSE-SU-2016:2008-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Squid HTTP proxy has been updated to version 3.3.14, fixing the\nfollowing security issues :\n\n - Fixed multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2015-5400: Improper protection of alternate path.\n (bsc#938715)\n\n - CVE-2015-3455: Squid http proxy configured with\n client-first SSL bumping did not correctly validate\n server certificate. (bsc#929493)\n\n - CVE-2016-3948: Fixed denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054: Fixed\n multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4553: Fixed cache poisoning issue in HTTP\n Request handling (bsc#979009)\n\n - CVE-2016-4554: Fixed header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - Fixed multiple Denial of Service issues in ESI Response\n processing. (CVE-2016-4555, CVE-2016-4556, bsc#979011,\n bsc#979008)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=929493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3455/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5400/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2570/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2571/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2572/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3947/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3948/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4553/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4554/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4555/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4556/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162008-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0de7d73e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1184=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-3.3.14-20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-debuginfo-3.3.14-20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"squid-debugsource-3.3.14-20.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:07", "description": "The specific version of Squid that the system is running is reportedly affected by the following vulnerabilities:\n\n- Squid contains an overflow condition in the Icmp6::Recv() function in icmp/Icmp6.cc of the pinger binary. The issue is triggered as user-supplied input is not properly validated when handling specially crafted ICMPv6 packets. This may allow a remote attacker to cause a buffer overflow, crashing the pinger process or potentially leaking data into log files. (CVE-2016-3947)\n\n- Squid contains a flaw that is triggered as bounds are not properly checked when processing HTTP responses. This may allow a remote attacker to cause a denial of service for all clients accessing the service. (CVE-2016-3948)\n", "cvss3": {}, "published": "2016-10-31T00:00:00", "type": "nessus", "title": "Squid 3.x < 3.5.16, 4.0.x < 4.0.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948"], "modified": "2016-10-31T00:00:00", "cpe": [], "id": "802030.PRM", "href": "https://www.tenable.com/plugins/lce/802030", "sourceData": "Binary data 802030.prm", "cvss": {"score": 6.4, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T16:36:47", "description": "Squid security advisory 2016:3 reports :\n\nDue to a buffer overrun Squid pinger binary is vulnerable to denial of service or information leak attack when processing ICMPv6 packets.\n\nThis bug also permits the server response to manipulate other ICMP and ICMPv6 queries processing to cause information leak.\n\nThis bug allows any remote server to perform a denial of service attack on the Squid service by crashing the pinger. This may affect Squid HTTP routing decisions. In some configurations, sub-optimal routing decisions may result in serious service degradation or even transaction failures.\n\nIf the system does not contain buffer-overrun protection leading to that crash this bug will instead allow attackers to leak arbitrary amounts of information from the heap into Squid log files. This is of higher importance than usual because the pinger process operates with root priviliges.\n\nSquid security advisory 2016:4 reports :\n\nDue to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses.\n\nThis problem allows a malicious client script and remote server delivering certain unusual HTTP response syntax to trigger a denial of service for all clients accessing the Squid service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2016-04-05T00:00:00", "type": "nessus", "title": "FreeBSD : squid -- multiple vulnerabilities (297117ba-f92d-11e5-92ce-002590263bf5)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:squid", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_297117BAF92D11E592CE002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/90334", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90334);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-3947\", \"CVE-2016-3948\");\n\n script_name(english:\"FreeBSD : squid -- multiple vulnerabilities (297117ba-f92d-11e5-92ce-002590263bf5)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squid security advisory 2016:3 reports :\n\nDue to a buffer overrun Squid pinger binary is vulnerable to denial of\nservice or information leak attack when processing ICMPv6 packets.\n\nThis bug also permits the server response to manipulate other ICMP and\nICMPv6 queries processing to cause information leak.\n\nThis bug allows any remote server to perform a denial of service\nattack on the Squid service by crashing the pinger. This may affect\nSquid HTTP routing decisions. In some configurations, sub-optimal\nrouting decisions may result in serious service degradation or even\ntransaction failures.\n\nIf the system does not contain buffer-overrun protection leading to\nthat crash this bug will instead allow attackers to leak arbitrary\namounts of information from the heap into Squid log files. This is of\nhigher importance than usual because the pinger process operates with\nroot priviliges.\n\nSquid security advisory 2016:4 reports :\n\nDue to incorrect bounds checking Squid is vulnerable to a denial of\nservice attack when processing HTTP responses.\n\nThis problem allows a malicious client script and remote server\ndelivering certain unusual HTTP response syntax to trigger a denial of\nservice for all clients accessing the Squid service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2016_3.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squid-cache.org/Advisories/SQUID-2016_4.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/297117ba-f92d-11e5-92ce-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?433490a4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"squid<3.5.16\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:36:45", "description": "Sebastian Krahmer discovered that Squid incorrectly handled certain SNMP requests. If SNMP is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-6270)\n\nAlex Rousskov discovered that Squid incorrectly handled certain malformed responses. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.\n(CVE-2016-2571).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-03-08T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : squid3 vulnerabilities (USN-2921-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-6270", "CVE-2016-2571"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:squid3", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2921-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89734", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2921-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89734);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2014-6270\", \"CVE-2016-2571\");\n script_xref(name:\"USN\", value:\"2921-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : squid3 vulnerabilities (USN-2921-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sebastian Krahmer discovered that Squid incorrectly handled certain\nSNMP requests. If SNMP is enabled, a remote attacker could use this\nissue to cause Squid to crash, resulting in a denial of service, or\npossibly execute arbitrary code. (CVE-2014-6270)\n\nAlex Rousskov discovered that Squid incorrectly handled certain\nmalformed responses. A remote attacker could possibly use this issue\nto cause Squid to crash, resulting in a denial of service.\n(CVE-2016-2571).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2921-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"squid3\", pkgver:\"3.1.19-1ubuntu3.12.04.6\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"squid3\", pkgver:\"3.3.8-1ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"squid3\", pkgver:\"3.3.8-1ubuntu16.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-05T17:16:57", "description": "This update for squid3 fixes the following issues :\n\n - Multiple issues in pinger ICMP processing.\n (CVE-2014-7141, CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010)\n\n - Fix multiple Denial of Service issues in HTTP Response processing. (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393, bsc#968394, bsc#968395)\n\n - Regression caused by the DoS fixes above (bsc#993299)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 :\n\n - fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:2089-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3205", "CVE-2011-4096", "CVE-2012-5643", "CVE-2013-0188", "CVE-2013-4115", "CVE-2014-0128", "CVE-2014-6270", "CVE-2014-7141", "CVE-2014-7142", "CVE-2015-5400", "CVE-2016-2390", "CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2089-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93294", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2089-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93294);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3205\", \"CVE-2011-4096\", \"CVE-2012-5643\", \"CVE-2013-0188\", \"CVE-2013-4115\", \"CVE-2014-0128\", \"CVE-2014-6270\", \"CVE-2014-7141\", \"CVE-2014-7142\", \"CVE-2015-5400\", \"CVE-2016-2390\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_bugtraq_id(49356, 50449, 56957, 61111, 66112, 69686, 69688, 70022);\n\n script_name(english:\"SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:2089-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid3 fixes the following issues :\n\n - Multiple issues in pinger ICMP processing.\n (CVE-2014-7141, CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - Fix multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - Regression caused by the DoS fixes above (bsc#993299)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 :\n\n - fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc\n (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path\n (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem\n (bsc#895773)\n\n - Memory leak in squid3 when using external_acl\n (bsc#976708)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=993299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2011-3205/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2011-4096/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-5643/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-0188/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4115/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-0128/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-6270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7141/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7142/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5400/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2390/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2570/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2571/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2572/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3947/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3948/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4553/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4554/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4555/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4556/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162089-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce87cdd0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-squid3-12701=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-squid3-12701=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"squid3-3.1.23-8.16.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-05T17:14:22", "description": "This update for squid3 fixes the following issues :\n\n - Multiple issues in pinger ICMP processing.\n (CVE-2014-7141, CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010)\n\n - fix multiple Denial of Service issues in HTTP Response processing. (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393, bsc#968394, bsc#968395)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 :\n\n - fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:1996-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3205", "CVE-2011-4096", "CVE-2012-5643", "CVE-2013-0188", "CVE-2013-4115", "CVE-2014-0128", "CVE-2014-6270", "CVE-2014-7141", "CVE-2014-7142", "CVE-2015-5400", "CVE-2016-2390", "CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:squid3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-1996-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93271", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1996-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93271);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3205\", \"CVE-2011-4096\", \"CVE-2012-5643\", \"CVE-2013-0188\", \"CVE-2013-4115\", \"CVE-2014-0128\", \"CVE-2014-6270\", \"CVE-2014-7141\", \"CVE-2014-7142\", \"CVE-2015-5400\", \"CVE-2016-2390\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_bugtraq_id(49356, 50449, 56957, 61111, 66112, 69686, 69688, 70022);\n\n script_name(english:\"SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:1996-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for squid3 fixes the following issues :\n\n - Multiple issues in pinger ICMP processing.\n (CVE-2014-7141, CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6\n processing. (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP\n Request processing (bsc#979010)\n\n - fix multiple Denial of Service issues in HTTP Response\n processing. (CVE-2016-2569, CVE-2016-2570,\n CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393,\n bsc#968394, bsc#968395)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response\n processing (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi\n (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 :\n\n - fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc\n (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path\n (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem\n (bsc#895773)\n\n - Memory leak in squid3 when using external_acl\n (bsc#976708)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2011-3205/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2011-4096/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-5643/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-0188/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4115/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-0128/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-6270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7141/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7142/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5400/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2390/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2570/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2571/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2572/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3947/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3948/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4553/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4554/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4555/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4556/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161996-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f570bb57\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-squid3-12682=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-squid3-12682=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:squid3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"squid3-3.1.23-8.16.27.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-16T15:09:19", "description": "Security fix for CVE-2016-2571, CVE-2016-2572 ---- squid-3.4.13-3.fc22\n- Resolves: #1231992 ---- Security fix for #1240741, #1240744 Updated to version 3.4.13, which fixes CVE-2015-3455\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "nessus", "title": "Fedora 22 : libecap-1.0.0-1.fc22 / squid-3.5.10-1.fc22 (2016-7b40eb9e29)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3455", "CVE-2015-5400", "CVE-2016-2571", "CVE-2016-2572"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libecap", "p-cpe:/a:fedoraproject:fedora:squid", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-7B40EB9E29.NASL", "href": "https://www.tenable.com/plugins/nessus/90960", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-7b40eb9e29.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90960);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-3455\", \"CVE-2015-5400\");\n script_xref(name:\"FEDORA\", value:\"2016-7b40eb9e29\");\n\n script_name(english:\"Fedora 22 : libecap-1.0.0-1.fc22 / squid-3.5.10-1.fc22 (2016-7b40eb9e29)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-2571, CVE-2016-2572 ---- squid-3.4.13-3.fc22\n- Resolves: #1231992 ---- Security fix for #1240741, #1240744 Updated\nto version 3.4.13, which fixes CVE-2015-3455\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1218118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1240741\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?314ae20e\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183598.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?51491c24\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libecap and / or squid packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libecap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"libecap-1.0.0-1.fc22\")) flag++;\nif (rpm_check(release:\"FC22\", reference:\"squid-3.5.10-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libecap / squid\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-17T14:22:29", "description": "Bugfix\n\n----\n\nSecurity fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556\n\n----\n\nSecurity fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054\n\n----\n\nSecurity fix for CVE-2016-3947 and CVE-2016-3948\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-15T00:00:00", "type": "nessus", "title": "Fedora 24 : 7:squid (2016-95edf19d8a)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:7:squid", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-95EDF19D8A.NASL", "href": "https://www.tenable.com/plugins/nessus/92268", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-95edf19d8a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92268);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\");\n script_xref(name:\"FEDORA\", value:\"2016-95edf19d8a\");\n\n script_name(english:\"Fedora 24 : 7:squid (2016-95edf19d8a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Bugfix\n\n----\n\nSecurity fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555,\nCVE-2016-4556\n\n----\n\nSecurity fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053,\nCVE-2016-4054\n\n----\n\nSecurity fix for CVE-2016-3947 and CVE-2016-3948\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-95edf19d8a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 7:squid package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:7:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"squid-3.5.19-2.fc24\", epoch:\"7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"7:squid\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-01-26T15:05:04", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * squid3 \\- Web proxy cache server\n\nUSN-3557-1 fixed vulnerabilities in Squid. This update introduced a regression \nwhich could cause the cache log to be filled with many Vary loop messages. This \nupdate fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nMathias Fischer discovered that Squid incorrectly handled certain long \nstrings in headers. A malicious remote server could possibly cause Squid to \ncrash, resulting in a denial of service. This issue was only addressed in \nUbuntu 16.04 LTS. (CVE-2016-2569)\n\nWilliam Lima discovered that Squid incorrectly handled XML parsing when \nprocessing Edge Side Includes (ESI). A malicious remote server could \npossibly cause Squid to crash, resulting in a denial of service. This issue \nwas only addressed in Ubuntu 16.04 LTS. (CVE-2016-2570)\n\nAlex Rousskov discovered that Squid incorrectly handled response-parsing \nfailures. A malicious remote server could possibly cause Squid to crash, \nresulting in a denial of service. This issue only applied to Ubuntu 16.04 \nLTS. (CVE-2016-2571)\n\nSantiago Ruano Rinc\u00f3n discovered that Squid incorrectly handled certain \nVary headers. A remote attacker could possibly use this issue to cause \nSquid to crash, resulting in a denial of service. This issue was only \naddressed in Ubuntu 16.04 LTS. (CVE-2016-3948)\n\nLouis Dion-Marcil discovered that Squid incorrectly handled certain Edge \nSide Includes (ESI) responses. A malicious remote server could possibly \ncause Squid to crash, resulting in a denial of service. (CVE-2018-1000024)\n\nLouis Dion-Marcil discovered that Squid incorrectly handled certain Edge \nSide Includes (ESI) responses. A malicious remote server could possibly \ncause Squid to crash, resulting in a denial of service. (CVE-2018-1000027)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-12T00:00:00", "type": "ubuntu", "title": "Squid regression", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-3948", "CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2022-12-12T00:00:00", "id": "USN-5771-1", "href": "https://ubuntu.com/security/notices/USN-5771-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T12:55:14", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * squid3 \\- Web proxy cache server\n\nUSN-4059-1 and USN-3557-1 fixed several vulnerabilities in Squid. This update provides \nthe corresponding update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nLouis Dion-Marcil discovered that Squid incorrectly handled certain \nEdge Side Includes (ESI) responses. A malicious remote server could \npossibly cause Squid to crash, resulting in a denial of service. \n(CVE-2018-1000024)\n\nLouis Dion-Marcil discovered that Squid incorrectly handled certain \nEdge Side Includes (ESI) responses. A malicious remote server could \npossibly cause Squid to crash, resulting in a denial of service. \n(CVE-2018-1000027)\n\nIt was discovered that Squid incorrectly handled the cachemgr.cgi web \nmodule. A remote attacker could possibly use this issue to conduct \ncross-site scripting (XSS) attacks. (CVE-2019-13345)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-17T00:00:00", "type": "ubuntu", "title": "Squid vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-13345"], "modified": "2019-07-17T00:00:00", "id": "USN-4059-2", "href": "https://ubuntu.com/security/notices/USN-4059-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T13:24:03", "description": "## Releases\n\n * Ubuntu 15.10 \n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * squid3 \\- Web proxy cache server\n\nSebastian Krahmer discovered that Squid incorrectly handled certain SNMP \nrequests. If SNMP is enabled, a remote attacker could use this issue to \ncause Squid to crash, resulting in a denial of service, or possibly execute \narbitrary code. (CVE-2014-6270)\n\nAlex Rousskov discovered that Squid incorrectly handled certain malformed \nresponses. A remote attacker could possibly use this issue to cause Squid \nto crash, resulting in a denial of service. (CVE-2016-2571)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-03-07T00:00:00", "type": "ubuntu", "title": "Squid vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-6270", "CVE-2016-2571"], "modified": "2016-03-07T00:00:00", "id": "USN-2921-1", "href": "https://ubuntu.com/security/notices/USN-2921-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:33:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-02-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for squid3 USN-3557-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000024", "CVE-2016-2570", "CVE-2018-1000027", "CVE-2016-2569", "CVE-2016-2571", "CVE-2016-3948"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843441", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843441", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3557_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for squid3 USN-3557-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843441\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-02-06 07:54:09 +0100 (Tue, 06 Feb 2018)\");\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-3948\",\n \"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for squid3 USN-3557-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mathias Fischer discovered that Squid\n incorrectly handled certain long strings in headers. A malicious remote server\n could possibly cause Squid to crash, resulting in a denial of service. This\n issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2569) William Lima\n discovered that Squid incorrectly handled XML parsing when processing Edge Side\n Includes (ESI). A malicious remote server could possibly cause Squid to crash,\n resulting in a denial of service. This issue was only addressed in Ubuntu 16.04\n LTS. (CVE-2016-2570) Alex Rousskov discovered that Squid incorrectly handled\n response-parsing failures. A malicious remote server could possibly cause Squid\n to crash, resulting in a denial of service. This issue only applied to Ubuntu\n 16.04 LTS. (CVE-2016-2571) Santiago Ruano Rincn discovered that Squid\n incorrectly handled certain Vary headers. A remote attacker could possibly use\n this issue to cause Squid to crash, resulting in a denial of service. This issue\n was only addressed in Ubuntu 16.04 LTS. (CVE-2016-3948) Louis Dion-Marcil\n discovered that Squid incorrectly handled certain Edge Side Includes (ESI)\n responses. A malicious remote server could possibly cause Squid to crash,\n resulting in a denial of service. (CVE-2018-1000024) Louis Dion-Marcil\n discovered that Squid incorrectly handled certain Edge Side Includes (ESI)\n responses. A malicious remote server could possibly cause Squid to crash,\n resulting in a denial of service. (CVE-2018-1000027)\");\n script_tag(name:\"affected\", value:\"squid3 on Ubuntu 17.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3557-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3557-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.10|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.3.8-1ubuntu6.11\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.5.23-5ubuntu1.1\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.5.12-1ubuntu7.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:37:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2016-1056)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2570", "CVE-2016-2569", "CVE-2016-2571", "CVE-2016-3948", "CVE-2016-2572"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161056", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161056", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1056\");\n script_version(\"2020-01-23T10:41:22+0000\");\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2016-3948\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:41:22 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:41:22 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2016-1056)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1056\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1056\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'squid' package(s) announced via the EulerOS-SA-2016-1056 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.(CVE-2016-2569)\n\nThe Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.(CVE-2016-2570)\n\nhttp.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.(CVE-2016-2571)\n\nhttp.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.(CVE-2016-2572)\n\nSquid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.(CVE-2016-3948)\");\n\n script_tag(name:\"affected\", value:\"'squid' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-04T00:00:00", "type": "openvas", "title": "RedHat Update for squid RHSA-2016:2600-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2570", "CVE-2016-2569", "CVE-2016-2571", "CVE-2016-3948", "CVE-2016-2572"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871712", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871712", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squid RHSA-2016:2600-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871712\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-04 05:43:43 +0100 (Fri, 04 Nov 2016)\");\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\",\n \"CVE-2016-3948\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for squid RHSA-2016:2600-02\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Squid is a high-performance proxy caching\nserver for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version:\nsquid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es):\n\n * Incorrect boundary checks were found in the way squid handled headers in\nHTTP responses, which could lead to an assertion failure. A malicious HTTP\nserver could use this flaw to crash squid using a specially crafted HTTP\nresponse. (CVE-2016-2569, CVE-2016-2570)\n\n * It was found that squid did not properly handle errors when failing to\nparse an HTTP response, possibly leading to an assertion failure. A\nmalicious HTTP server could use this flaw to crash squid using a specially\ncrafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n * An incorrect boundary check was found in the way squid handled the Vary\nheader in HTTP responses, which could lead to an assertion failure. A\nmalicious HTTP server could use this flaw to crash squid using a specially\ncrafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\");\n script_tag(name:\"affected\", value:\"squid on\n Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:2600-02\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-November/msg00036.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-debuginfo\", rpm:\"squid-debuginfo~3.5.20~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-05T18:53:22", "description": "This host is running Squid and is prone\n to multiple denial of service vulnerability.", "cvss3": {}, "published": "2016-03-03T00:00:00", "type": "openvas", "title": "Squid Multiple Denial of Service Vulnerabilities March16 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2570", "CVE-2016-2569", "CVE-2016-2571"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310807451", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807451", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Multiple Denial of Service Vulnerabilities March16 (Linux)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:squid-cache:squid\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807451\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-2571\", \"CVE-2016-2570\", \"CVE-2016-2569\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-03 11:34:15 +0530 (Thu, 03 Mar 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Squid Multiple Denial of Service Vulnerabilities March16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Squid and is prone\n to multiple denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - The 'http.cc' script proceeds with the storage of certain data after a response\n parsing failure.\n\n - The Edge Side Includes (ESI) parser does not check buffer limits during XML\n parsing.\n\n - An improper appending of data to String objects.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n HTTP servers to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Squid version 3.x before 3.5.15 and 4.x\n before 4.0.7 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Squid version 3.5.15 or 4.0.7\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-2570\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-2569\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-2571\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_2.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_squid_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 3128, 8080);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!squidPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!squidVer = get_app_version(cpe:CPE, port:squidPort)){\n exit(0);\n}\n\nif(squidVer =~ \"^(3|4)\")\n{\n if(version_in_range(version:squidVer, test_version:\"3.0.0\", test_version2:\"3.5.14\"))\n {\n fix = \"3.5.15\";\n VULN = TRUE ;\n }\n\n else if(version_in_range(version:squidVer, test_version:\"4.0.0\", test_version2:\"4.0.6\"))\n {\n fix = \"4.0.7\";\n VULN = TRUE ;\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:squidVer, fixed_version:fix);\n security_message(data:report, port:squidPort);\n exit(0);\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-05T18:54:51", "description": "This host is running Squid and is prone\n to multiple denial of service vulnerability.", "cvss3": {}, "published": "2016-03-03T00:00:00", "type": "openvas", "title": "Squid Multiple Denial of Service Vulnerabilities March16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2570", "CVE-2016-2569", "CVE-2016-2571"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310807452", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807452", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Multiple Denial of Service Vulnerabilities March16 (Windows)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:squid-cache:squid\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807452\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-2571\", \"CVE-2016-2570\", \"CVE-2016-2569\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-03 11:34:15 +0530 (Thu, 03 Mar 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Squid Multiple Denial of Service Vulnerabilities March16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running Squid and is prone\n to multiple denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - The 'http.cc' script proceeds with the storage of certain data after\n a response parsing failure.\n\n - The Edge Side Includes (ESI) parser does not check buffer limits during XML\n parsing.\n\n - An improper appending of data to String objects.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n HTTP servers to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Squid version 3.x before 3.5.15 and 4.x\n before 4.0.7 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Squid version 3.5.15 or 4.0.7\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-2570\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-2569\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-2571\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_2.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_squid_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/www\", 3128, 8080);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!squidPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!squidVer = get_app_version(cpe:CPE, port:squidPort)){\n exit(0);\n}\n\nif(squidVer =~ \"^(3|4)\")\n{\n if(version_in_range(version:squidVer, test_version:\"3.0.0\", test_version2:\"3.5.14\"))\n {\n fix = \"3.5.15\";\n VULN = TRUE ;\n }\n\n else if(version_in_range(version:squidVer, test_version:\"4.0.0\", test_version2:\"4.0.6\"))\n {\n fix = \"4.0.7\";\n VULN = TRUE ;\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:squidVer, fixed_version:fix);\n security_message(data:report, port:squidPort);\n exit(0);\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:43", "description": "Mageia Linux Local Security Checks mgasa-2016-0095", "cvss3": {}, "published": "2016-03-08T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0095", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2570", "CVE-2016-2569", "CVE-2016-2571"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131258", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131258", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0095.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131258\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-08 07:15:22 +0200 (Tue, 08 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0095\");\n script_tag(name:\"insight\", value:\"Updated squid packages fix security vulnerability: Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0095.html\");\n script_cve_id(\"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0095\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.4.13~1.4.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:39:36", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2018-1074)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181074", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1074\");\n script_version(\"2020-01-23T11:11:49+0000\");\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:11:49 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:11:49 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2018-1074)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1074\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1074\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'squid' package(s) announced via the EulerOS-SA-2018-1074 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax..(CVE-2018-1000024)\n\nThe Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. (CVE-2018-1000027)\");\n\n script_tag(name:\"affected\", value:\"'squid' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.2.h2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.2.h2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:34:36", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2018-1075)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181075", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1075\");\n script_version(\"2020-01-23T11:11:51+0000\");\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:11:51 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:11:51 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2018-1075)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1075\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1075\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'squid' package(s) announced via the EulerOS-SA-2018-1075 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax..(CVE-2018-1000024)\n\nThe Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. (CVE-2018-1000027)\");\n\n script_tag(name:\"affected\", value:\"'squid' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.20~2.2.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"squid-migration-script\", rpm:\"squid-migration-script~3.5.20~2.2.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:55:47", "description": "Several vulnerabilities have been discovered in Squid3, a fully featured\nweb proxy cache. The Common Vulnerabilities and Exposures project\nidentifies the following issues:\n\nCVE-2018-1000024\nLouis Dion-Marcil discovered that Squid does not properly handle\nprocessing of certain ESI responses. A remote server delivering\ncertain ESI response syntax can take advantage of this flaw to cause\na denial of service for all clients accessing the Squid service.\nThis problem is limited to the Squid custom ESI parser.\n\nCVE-2018-1000027\nLouis Dion-Marcil discovered that Squid is prone to a denial of\nservice vulnerability when processing ESI responses or downloading\nintermediate CA certificates. A remote attacker can take advantage\nof this flaw to cause a denial of service for all clients accessing\nthe Squid service.", "cvss3": {}, "published": "2018-02-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4122-1 (squid3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704122", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704122", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4122-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704122\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_name(\"Debian Security Advisory DSA 4122-1 (squid3 - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-02-23 00:00:00 +0100 (Fri, 23 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4122.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"squid3 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 3.4.8-6+deb8u5.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 3.5.23-5+deb9u1.\n\nWe recommend that you upgrade your squid3 packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/squid3\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Squid3, a fully featured\nweb proxy cache. The Common Vulnerabilities and Exposures project\nidentifies the following issues:\n\nCVE-2018-1000024\nLouis Dion-Marcil discovered that Squid does not properly handle\nprocessing of certain ESI responses. A remote server delivering\ncertain ESI response syntax can take advantage of this flaw to cause\na denial of service for all clients accessing the Squid service.\nThis problem is limited to the Squid custom ESI parser.\n\nCVE-2018-1000027\nLouis Dion-Marcil discovered that Squid is prone to a denial of\nservice vulnerability when processing ESI responses or downloading\nintermediate CA certificates. A remote attacker can take advantage\nof this flaw to cause a denial of service for all clients accessing\nthe Squid service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"squid\", ver:\"3.5.23-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.5.23-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid-common\", ver:\"3.5.23-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid-dbg\", ver:\"3.5.23-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid-purge\", ver:\"3.5.23-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid3\", ver:\"3.5.23-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.5.23-5+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.4.8-6+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid-purge\", ver:\"3.4.8-6+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid3\", ver:\"3.4.8-6+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.4.8-6+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.4.8-6+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.4.8-6+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:09:34", "description": "Squid, a high-performance proxy caching server for web clients, has been\nfound vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\nCVE-2018-1000024\n\nIncorrect pointer handling resulted in the ability of a remote\nserver to return a crafted ESI response which could trigger a denial\nof service for all clients accessing the Squid service. This issue\naffects the Squid custom ESI parser.\n\nCVE-2018-1000027\n\nIncorrect pointer handling resulted in the possibility of a remote\nclient delivering certain HTTP requests in conjunction with certain\ntrusted server responses involving the processing of ESI responses or\ndownloading of intermediate CA certificates to trigger a denial of\nservice for all clients accessing the squid service.", "cvss3": {}, "published": "2018-02-21T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for squid3 (DLA-1266-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891266", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891266", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891266\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_name(\"Debian LTS: Security Advisory for squid3 (DLA-1266-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-21 00:00:00 +0100 (Wed, 21 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"squid3 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n3.1.20-2.2+deb7u8.\n\nWe recommend that you upgrade your squid3 packages.\");\n\n script_tag(name:\"summary\", value:\"Squid, a high-performance proxy caching server for web clients, has been\nfound vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\nCVE-2018-1000024\n\nIncorrect pointer handling resulted in the ability of a remote\nserver to return a crafted ESI response which could trigger a denial\nof service for all clients accessing the Squid service. This issue\naffects the Squid custom ESI parser.\n\nCVE-2018-1000027\n\nIncorrect pointer handling resulted in the possibility of a remote\nclient delivering certain HTTP requests in conjunction with certain\ntrusted server responses involving the processing of ESI responses or\ndownloading of intermediate CA certificates to trigger a denial of\nservice for all clients accessing the squid service.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.1.20-2.2+deb7u8\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.20-2.2+deb7u8\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.1.20-2.2+deb7u8\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.1.20-2.2+deb7u8\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.1.20-2.2+deb7u8\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-02-07T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2018-4fabf63492", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874105", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874105", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_4fabf63492_squid_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for squid FEDORA-2018-4fabf63492\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874105\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-02-07 08:08:58 +0100 (Wed, 07 Feb 2018)\");\n script_cve_id(\"CVE-2018-1000024\", \"CVE-2018-1000027\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for squid FEDORA-2018-4fabf63492\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-4fabf63492\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB6HQWK7V2VCEVH35633BALACCWNOCMP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~4.0.23~2.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-07T16:39:37", "description": "Squid is vulnerable to denial of service attack when\n processing ESI responses.\n\n This NVT has been deprecated and merged into ", "cvss3": {}, "published": "2018-02-07T00:00:00", "type": "openvas", "title": "Squid Proxy Cache Security Update Advisory SQUID-2018:1 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000024"], "modified": "2020-04-02T00:00:00", "id": "OPENVAS:1361412562310107293", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107293", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Proxy Cache Security Update Advisory SQUID-2018:1 (Linux)\n#\n# Authors:\n# Tameem Eissa <tameem.eissa@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107293\");\n script_version(\"2020-04-02T11:36:28+0000\");\n script_cve_id(\"CVE-2018-1000024\");\n script_tag(name:\"last_modification\", value:\"2020-04-02 11:36:28 +0000 (Thu, 02 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-07 13:28:30 +0100 (Wed, 07 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Squid Proxy Cache Security Update Advisory SQUID-2018:1 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n\n script_tag(name:\"summary\", value:\"Squid is vulnerable to denial of service attack when\n processing ESI responses.\n\n This NVT has been deprecated and merged into 'Squid Proxy Cache Security Update Advisory SQUID-2018:1'\n (OID:1.3.6.1.4.1.25623.1.0.107294)\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to unrelated changes Squid-3.5 has become vulnerable\n to some regular ESI server responses also triggering this issue. This problem is limited to\n the Squid custom ESI parser.\");\n\n script_tag(name:\"impact\", value:\"This problem allows a remote server delivering certain ESI\n response syntax to trigger a denial of service for all clients accessing the Squid service.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.x -> 3.5.27, Squid 4.x -> 4.0.22.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to 4.0.23 or later. Patches are available, please\n see the references for details.\");\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2018_1.txt\");\n\n script_tag(name:\"deprecated\", value:TRUE);\n\n exit(0);\n}\n\nexit(66);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:35", "description": "Squid is vulnerable to denial of service attack when\n processing ESI responses.", "cvss3": {}, "published": "2018-02-07T00:00:00", "type": "openvas", "title": "Squid Proxy Cache Security Update Advisory SQUID-2018:1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000024"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310107294", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107294", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_squid_2018_1_win.nasl 12391 2018-11-16 16:12:15Z cfischer $\n#\n# Squid Proxy Cache Security Update Advisory SQUID-2018:1\n#\n# Authors:\n# Tameem Eissa <tameem.eissa@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squid-cache:squid';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107294\");\n script_version(\"$Revision: 12391 $\");\n script_cve_id(\"CVE-2018-1000024\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 17:12:15 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-02-07 13:28:30 +0100 (Wed, 07 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n # Only vuln if not build against libxml2/libexpat or with other configuration\n # deployments described in the Advisory\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Squid Proxy Cache Security Update Advisory SQUID-2018:1\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_squid_detect.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\");\n\n script_tag(name:\"summary\", value:\"Squid is vulnerable to denial of service attack when\n processing ESI responses.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to unrelated changes Squid-3.5 has become vulnerable\n to some regular ESI server responses also triggering this issue. This problem is limited to\n the Squid custom ESI parser.\");\n\n script_tag(name:\"impact\", value:\"This problem allows a remote server delivering certain ESI\n response syntax to trigger a denial of service for all clients accessing the Squid service.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.x -> 3.5.27, Squid 4.x -> 4.0.22 with specific\n deployment variants described in the referenced Advisory.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to 4.0.23 or later. Patches are available, please\n see the references for details.\");\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2018_1.txt\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version =~ \"^3\\.\") {\n if (version_is_less_equal(version: version, test_version: \"3.5.27\")) {\n report = report_fixed_ver(installed_version: version, fixed_version:\"4.0.23\");\n }\n} else if (version =~ \"^4\\.\") {\n if (version_is_less_equal(version: version, test_version: \"4.0.22\")) {\n report = report_fixed_ver(installed_version: version, fixed_version:\"4.0.23\" );\n }\n}\n\nif (! isnull (report))\n{\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:09:34", "description": "Squid, a high-performance proxy caching server for web clients, has been\nfound vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\nCVE-2018-1000027\n\nIncorrect pointer handling resulted in the possibility of a remote\nclient delivering certain HTTP requests in conjunction with certain\ntrusted server responses involving the processing of ESI responses or\ndownloading of intermediate CA certificates to trigger a denial of\nservice for all clients accessing the squid service.", "cvss3": {}, "published": "2018-02-21T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for squid (DLA-1267-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000027"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891267", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891267", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891267\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-1000027\");\n script_name(\"Debian LTS: Security Advisory for squid (DLA-1267-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-21 00:00:00 +0100 (Wed, 21 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/02/msg00002.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"squid on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n2.7.STABLE9-4.1+deb7u3.\n\nWe recommend that you upgrade your squid packages.\");\n\n script_tag(name:\"summary\", value:\"Squid, a high-performance proxy caching server for web clients, has been\nfound vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\nCVE-2018-1000027\n\nIncorrect pointer handling resulted in the possibility of a remote\nclient delivering certain HTTP requests in conjunction with certain\ntrusted server responses involving the processing of ESI responses or\ndownloading of intermediate CA certificates to trigger a denial of\nservice for all clients accessing the squid service.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"squid\", ver:\"2.7.STABLE9-4.1+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"squid-common\", ver:\"2.7.STABLE9-4.1+deb7u3\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:35", "description": "Squid is vulnerable to denial of service attack\n when processing ESI responses.", "cvss3": {}, "published": "2018-02-09T00:00:00", "type": "openvas", "title": "Squid Proxy Cache Security Update Advisory SQUID-2018:2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000027"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310107297", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107297", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_squid_2018_2_win.nasl 12116 2018-10-26 10:01:35Z mmartin $\n#\n# Squid Proxy Cache Security Update Advisory SQUID-2018:2\n#\n# Authors:\n# Tameem Eissa <tameem.eissa@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squid-cache:squid';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107297\");\n script_version(\"$Revision: 12116 $\");\n script_cve_id(\"CVE-2018-1000027\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 12:01:35 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-02-09 19:08:28 +0100 (Fri, 09 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n # Only vuln with other configuration deployments described in the Advisory\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Squid Proxy Cache Security Update Advisory SQUID-2018:2\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_squid_detect.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\");\n\n script_tag(name:\"summary\", value:\"Squid is vulnerable to denial of service attack\n when processing ESI responses.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to incorrect pointer handling Squid is vulnerable\n to denial of service attack when processing ESI responses or downloading intermediate CA\n certificates.\");\n\n script_tag(name:\"impact\", value:\"This problem allows a remote server delivering certain\n ESI response syntax to trigger a denial of service for all clients accessing the Squid service.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.x -> 3.5.27, Squid 4.x -> 4.0.22 with specific\n deployment variants described in the referenced Advisory.\");\n\n script_tag(name:\"solution\", value:\"Updated Packages:\n\n This bug is fixed by Squid version 4.0.23.\n\n In addition, patches addressing this problem for the stable\n releases can be found in our patch archives for Squid 3.5 and Squid 4.\n\n If you are using a prepackaged version of Squid then please refer\n to the package vendor for availability information on updated\n packages.\");\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2018_2.txt\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version =~ \"^3\\.\") {\n if (version_is_less_equal(version: version, test_version: \"3.5.27\")) {\n report = report_fixed_ver(installed_version: version, fixed_version:\"\" );\n }\n} else if (version =~ \"^4\\.\") {\n if (version_is_less_equal(version: version, test_version: \"4.0.22\")) {\n report = report_fixed_ver(installed_version: version, fixed_version:\"\" );\n }\n}\n\nif (! isnull (report))\n{\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-07T16:39:05", "description": "Squid is vulnerable to denial of service attack\n when processing ESI responses.\n\n This NVT has been deprecated and merged into ", "cvss3": {}, "published": "2018-02-09T00:00:00", "type": "openvas", "title": "Squid Proxy Cache Security Update Advisory SQUID-2018:2 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000027"], "modified": "2020-04-02T00:00:00", "id": "OPENVAS:1361412562310107296", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107296", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Proxy Cache Security Update Advisory SQUID-2018:2 (Linux)\n#\n# Authors:\n# Tameem Eissa <tameem.eissa@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107296\");\n script_cve_id(\"CVE-2018-1000027\");\n script_version(\"2020-04-02T11:36:28+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-02 11:36:28 +0000 (Thu, 02 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-09 19:08:28 +0100 (Fri, 09 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Squid Proxy Cache Security Update Advisory SQUID-2018:2 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n\n script_tag(name:\"summary\", value:\"Squid is vulnerable to denial of service attack\n when processing ESI responses.\n\n This NVT has been deprecated and merged into 'Squid Proxy Cache Security Update Advisory SQUID-2018:2'\n (OID:1.3.6.1.4.1.25623.1.0.107297)\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Due to incorrect pointer handling Squid is vulnerable\n to denial of service attack when processing ESI responses or downloading intermediate CA\n certificates.\");\n\n script_tag(name:\"impact\", value:\"This problem allows a remote server delivering certain\n ESI response syntax to trigger a denial of service for all clients accessing the Squid service.\");\n\n script_tag(name:\"affected\", value:\"Squid 3.x -> 3.5.27, Squid 4.x -> 4.0.22.\");\n\n script_tag(name:\"solution\", value:\"Updated Packages:\n\n This bug is fixed by Squid version 4.0.23.\n\n In addition, patches addressing this problem for the stable\n releases can be found in our patch archives for Squid 3.5 and Squid 4.\n\n If you are using a prepackaged version of Squid then please refer\n to the package vendor for availability information on updated\n packages.\");\n\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2018_2.txt\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch\");\n\n script_tag(name:\"deprecated\", value:TRUE);\n\n exit(0);\n}\n\nexit(66);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-02T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2016-b3b9407940", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4051", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2016-3947", "CVE-2016-2569", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2016-4054", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808882", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808882", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2016-b3b9407940\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808882\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:55:15 +0530 (Tue, 02 Aug 2016)\");\n script_cve_id(\"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-3947\", \"CVE-2016-3948\", \"CVE-2016-2569\", \"CVE-2016-2570\", \"CVE-2016-2571\", \"CVE-2016-2572\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for squid FEDORA-2016-b3b9407940\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-b3b9407940\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUSMYOQLTNGZMOOC7JH4PUKJJAZCFN2Y\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.10~4.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:54:09", "description": "Alex Rousskov from The Measurement\nFactory discovered that Squid3, a fully featured web proxy cache, does not properly\nhandle errors for certain malformed HTTP responses. A remote HTTP server can exploit\nthis flaw to cause a denial of service (assertion failure and daemon exit).", "cvss3": {}, "published": "2016-03-20T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3522-1 (squid3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2571"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703522", "href": "http://plugins.openvas.org/nasl.php?oid=703522", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3522.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3522-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703522);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-2571\");\n script_name(\"Debian Security Advisory DSA 3522-1 (squid3 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-03-20 00:00:00 +0100 (Sun, 20 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3522.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"squid3 on Debian Linux\");\n script_tag(name: \"insight\", value: \"Squid is a high-performance proxy caching\nserver for web clients, supporting FTP, gopher, ICY and HTTP data objects.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 3.1.20-2.2+deb7u4.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.5.15-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.15-1.\n\nWe recommend that you upgrade your squid3 packages.\");\n script_tag(name: \"summary\", value: \"Alex Rousskov from The Measurement\nFactory discovered that Squid3, a fully featured web proxy cache, does not properly\nhandle errors for certain malformed HTTP responses. A remote HTTP server can exploit\nthis flaw to cause a denial of service (assertion failure and daemon exit).\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.4.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-purge\", ver:\"3.4.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.4.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.4.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.4.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.4.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.1.20-2.2+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.20-2.2+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.1.20-2.2+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.1.20-2.2+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.1.20-2.2+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid\", ver:\"3.5.15-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.5.15-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-common\", ver:\"3.5.15-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-dbg\", ver:\"3.5.15-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-purge\", ver:\"3.5.15-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.5.15-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.5.15-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:48", "description": "Alex Rousskov from The Measurement\nFactory discovered that Squid3, a fully featured web proxy cache, does not properly\nhandle errors for certain malformed HTTP responses. A remote HTTP server can exploit\nthis flaw to cause a denial of service (assertion failure and daemon exit).", "cvss3": {}, "published": "2016-03-20T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3522-1 (squid3 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2571"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703522", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703522", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3522.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3522-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703522\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-2571\");\n script_name(\"Debian Security Advisory DSA 3522-1 (squid3 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-20 00:00:00 +0100 (Sun, 20 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3522.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(8|7|9)\");\n script_tag(name:\"affected\", value:\"squid3 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 3.1.20-2.2+deb7u4.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.5.15-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.15-1.\n\nWe recommend that you upgrade your squid3 packages.\");\n script_tag(name:\"summary\", value:\"Alex Rousskov from The Measurement\nFactory discovered that Squid3, a fully featured web proxy cache, does not properly\nhandle errors for certain malformed HTTP responses. A remote HTTP server can exploit\nthis flaw to cause a denial of service (assertion failure and daemon exit).\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.4.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid-purge\", ver:\"3.4.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.4.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.4.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.4.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.4.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.1.20-2.2+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.20-2.2+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3-common\", ver:\"3.1.20-2.2+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3-dbg\", ver:\"3.1.20-2.2+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.1.20-2.2+deb7u4\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid\", ver:\"3.5.15-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"3.5.15-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid-common\", ver:\"3.5.15-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid-dbg\", ver:\"3.5.15-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid-purge\", ver:\"3.5.15-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.5.15-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"squidclient\", ver:\"3.5.15-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:04", "description": "Mageia Linux Local Security Checks mgasa-2016-0133", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0133", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131313", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0133.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131313\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-05-09 14:18:14 +0300 (Mon, 09 May 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0133\");\n script_tag(name:\"insight\", value:\"Updated squid packages fix security vulnerabilities: Due to a buffer overrun, the Squid pinger binary in Squid before 3.5.16 is vulnerable to a denial of service or information leak attack when processing ICMPv6 packets. This bug also permits the server response to manipulate other ICMP and ICMPv6 queries processing to cause information leaks (CVE-2016-3947). Due to incorrect bounds checking, Squid before 3.5.16 is vulnerable to a denial of service attack when processing HTTP responses (CVE-2016-3948).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0133.html\");\n script_cve_id(\"CVE-2016-3947\", \"CVE-2016-3948\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0133\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.16~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-05T18:53:16", "description": "This host is running Squid and is prone\n to multiple denial of service vulnerability.", "cvss3": {}, "published": "2016-04-18T00:00:00", "type": "openvas", "title": "Squid Multiple Denial of Service Vulnerabilities April16 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310807794", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807794", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Multiple Denial of Service Vulnerabilities April16 (Linux)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:squid-cache:squid\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807794\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-3947\", \"CVE-2016-3948\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-04-18 18:23:23 +0530 (Mon, 18 Apr 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Squid Multiple Denial of Service Vulnerabilities April16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Squid and is prone\n to multiple denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A buffer overrun in the 'Icmp6::Recv' function in 'icmp/Icmp6.cc' script\n in the 'pinger' process.\n\n - An incorrect bounds checking while processing HTTP responses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n HTTP servers to cause a denial of service, or write sensitive information to\n log files.\");\n\n script_tag(name:\"affected\", value:\"Squid version 3.x before 3.5.16 and 4.x\n before 4.0.8 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Squid version 3.5.16 or 4.0.8\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-3948\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-3947\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_4.txt\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_3.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_squid_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 3128, 8080);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!squidPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!squidVer = get_app_version(cpe:CPE, port:squidPort)){\n exit(0);\n}\n\nif(squidVer =~ \"^(3|4)\")\n{\n if(version_in_range(version:squidVer, test_version:\"3.0.0\", test_version2:\"3.5.15\"))\n {\n fix = \"3.5.16\";\n VULN = TRUE ;\n }\n\n else if(version_in_range(version:squidVer, test_version:\"4.0.0\", test_version2:\"4.0.7\"))\n {\n fix = \"4.0.8\";\n VULN = TRUE ;\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:squidVer, fixed_version:fix);\n security_message(data:report, port:squidPort);\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-05T18:51:56", "description": "This host is running Squid and is prone\n to multiple denial of service vulnerability.", "cvss3": {}, "published": "2016-04-18T00:00:00", "type": "openvas", "title": "Squid Multiple Denial of Service Vulnerabilities April16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310807793", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807793", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Squid Multiple Denial of Service Vulnerabilities April16 (Windows)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:squid-cache:squid\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807793\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-3947\", \"CVE-2016-3948\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-04-18 18:23:23 +0530 (Mon, 18 Apr 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Squid Multiple Denial of Service Vulnerabilities April16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running Squid and is prone\n to multiple denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A buffer overrun in the 'Icmp6::Recv' function in 'icmp/Icmp6.cc' script\n in the 'pinger' process.\n\n - An incorrect bounds checking while processing HTTP responses.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n HTTP servers to cause a denial of service, or write sensitive information to\n log files.\");\n\n script_tag(name:\"affected\", value:\"Squid version 3.x before 3.5.16 and 4.x\n before 4.0.8 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Squid version 3.5.16 or 4.0.8\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-3948\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2016-3947\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_4.txt\");\n script_xref(name:\"URL\", value:\"http://www.squid-cache.org/Advisories/SQUID-2016_3.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_squid_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"squid_proxy_server/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/www\", 3128, 8080);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!squidPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!squidVer = get_app_version(cpe:CPE, port:squidPort)){\n exit(0);\n}\n\nif(squidVer =~ \"^(3|4)\")\n{\n if(version_in_range(version:squidVer, test_version:\"3.0.0\", test_version2:\"3.5.15\"))\n {\n fix = \"3.5.16\";\n VULN = TRUE ;\n }\n\n else if(version_in_range(version:squidVer, test_version:\"4.0.0\", test_version2:\"4.0.7\"))\n {\n fix = \"4.0.8\";\n VULN = TRUE ;\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:squidVer, fixed_version:fix);\n security_message(data:report, port:squidPort);\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-08T00:00:00", "type": "openvas", "title": "Ubuntu Update for squid3 USN-2921-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-6270", "CVE-2016-2571"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842677", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842677", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for squid3 USN-2921-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842677\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-08 12:37:34 +0530 (Tue, 08 Mar 2016)\");\n script_cve_id(\"CVE-2014-6270\", \"CVE-2016-2571\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for squid3 USN-2921-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Sebastian Krahmer discovered that Squid\n incorrectly handled certain SNMP requests. If SNMP is enabled, a remote attacker\n could use this issue to cause Squid to crash, resulting in a denial of service,\n or possibly execute arbitrary code. (CVE-2014-6270)\n\n Alex Rousskov discovered that Squid incorrectly handled certain malformed\n responses. A remote attacker could possibly use this issue to cause Squid\n to crash, resulting in a denial of service. (CVE-2016-2571)\");\n script_tag(name:\"affected\", value:\"squid3 on Ubuntu 15.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2921-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2921-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.3.8-1ubuntu6.6\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.1.19-1ubuntu3.12.04.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"squid3\", ver:\"3.3.8-1ubuntu16.2\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for libecap FEDORA-2016-7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5400", "CVE-2015-3455", "CVE-2016-2571", "CVE-2016-2572"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310807976", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807976", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libecap FEDORA-2016-7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807976\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-07 05:18:25 +0200 (Sat, 07 May 2016)\");\n script_cve_id(\"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2015-3455\", \"CVE-2015-5400\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libecap FEDORA-2016-7\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libecap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libecap on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183598.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"libecap\", rpm:\"libecap~1.0.0~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2016-7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5400", "CVE-2015-3455", "CVE-2016-2571", "CVE-2016-2572"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310807978", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807978", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2016-7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807978\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-07 05:18:30 +0200 (Sat, 07 May 2016)\");\n script_cve_id(\"CVE-2016-2571\", \"CVE-2016-2572\", \"CVE-2015-3455\", \"CVE-2015-5400\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for squid FEDORA-2016-7\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183597.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.10~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-02T00:00:00", "type": "openvas", "title": "Fedora Update for squid FEDORA-2016-95edf19d8a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4051", "CVE-2016-4555", "CVE-2016-4052", "CVE-2016-3947", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-4054", "CVE-2016-4053", "CVE-2016-3948"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808861", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808861", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squid FEDORA-2016-95edf19d8a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808861\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:55:22 +0530 (Tue, 02 Aug 2016)\");\n script_cve_id(\"CVE-2016-4553\", \"CVE-2016-4554\", \"CVE-2016-4555\", \"CVE-2016-4556\", \"CVE-2016-4051\", \"CVE-2016-4052\", \"CVE-2016-4053\", \"CVE-2016-4054\", \"CVE-2016-3947\", \"CVE-2016-3948\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for squid FEDORA-2016-95edf19d8a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"squid on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-95edf19d8a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDA22FZ3PENTZHB636VUSXD3FPICUKKQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~3.5.19~2.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2023-01-01T05:08:53", "description": "**CentOS Errata and Security Advisory** CESA-2016:2600\n\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version: squid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es):\n\n* Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n* It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n* An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-cr-announce/2016-November/023241.html\n\n**Affected packages:**\nsquid\nsquid-migration-script\nsquid-sysvinit\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2016:2600", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-11-25T16:02:47", "type": "centos", "title": "squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3948"], "modified": "2016-11-25T16:02:47", "id": "CESA-2016:2600", "href": "https://lists.centos.org/pipermail/centos-cr-announce/2016-November/023241.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-01T05:08:10", "description": "**CentOS Errata and Security Advisory** CESA-2020:1068\n\n\nSquid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service (CVE-2018-1000024)\n\n* squid: Incorrect pointer handling in HTTP processing and certificate download can lead to denial of service (CVE-2018-1000027)\n\n* squid: XSS via user_name or auth parameter in cachemgr.cgi (CVE-2019-13345)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-cr-announce/2020-April/025991.html\n\n**Affected packages:**\nsquid\nsquid-migration-script\nsquid-sysvinit\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2020:1068", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-08T19:21:41", "type": "centos", "title": "squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-13345"], "modified": "2020-04-08T19:21:41", "id": "CESA-2020:1068", "href": "https://lists.centos.org/pipermail/centos-cr-announce/2020-April/025991.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:46:20", "description": "Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nThe following packages have been upgraded to a newer upstream version: squid (3.5.20). (BZ#1273942, BZ#1349775)\n\nSecurity Fix(es):\n\n* Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)\n\n* It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)\n\n* An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-3948)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-11-03T06:07:16", "type": "redhat", "title": "(RHSA-2016:2600) Moderate: squid security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3948"], "modified": "2018-04-11T23:32:39", "id": "RHSA-2016:2600", "href": "https://access.redhat.com/errata/RHSA-2016:2600", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:36:40", "description": "Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.\n\nSecurity Fix(es):\n\n* squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service (CVE-2018-1000024)\n\n* squid: Incorrect pointer handling in HTTP processing and certificate download can lead to denial of service (CVE-2018-1000027)\n\n* squid: XSS via user_name or auth parameter in cachemgr.cgi (CVE-2019-13345)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-03-31T09:14:49", "type": "redhat", "title": "(RHSA-2020:1068) Moderate: squid security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-13345"], "modified": "2020-11-18T19:54:26", "id": "RHSA-2020:1068", "href": "https://access.redhat.com/errata/RHSA-2020:1068", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nSquid security advisory 2016:2 reports:\n\nDue to incorrect bounds checking Squid is vulnerable to a denial\n\t of service attack when processing HTTP responses.\nThese problems allow remote servers delivering certain unusual\n\t HTTP response syntax to trigger a denial of service for all\n\t clients accessing the Squid service.\nHTTP responses containing malformed headers that trigger this\n\t issue are becoming common. We are not certain at this time if\n\t that is a sign of malware or just broken server scripting.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-02-24T00:00:00", "type": "freebsd", "title": "squid -- remote DoS in HTTP response processing", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571"], "modified": "2016-02-28T00:00:00", "id": "660EBBF5-DAEB-11E5-B2BD-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-19T15:51:31", "description": "\n\nLouis Dion-Marcil reports:\n\nDue to incorrect pointer handling Squid is vulnerable to denial\n\t of service attack when processing ESI responses.\nThis problem allows a remote server delivering certain ESI\n\t response syntax to trigger a denial of service for all clients\n\t accessing the Squid service.\nDue to unrelated changes Squid-3.5 has become vulnerable to some\n\t regular ESI server responses also triggering this issue.\nThis problem is limited to the Squid custom ESI parser.\n\t Squid built to use libxml2 or libexpat XML parsers do not have\n\t this problem.\n\n\nDue to incorrect pointer handling Squid is vulnerable to denial\n\t of service attack when processing ESI responses or downloading\n\t intermediate CA certificates.\nThis problem allows a remote client delivering certain HTTP\n\t requests in conjunction with certain trusted server responses to\n\t trigger a denial of service for all clients accessing the Squid\n\t service.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-12-13T00:00:00", "type": "freebsd", "title": "squid -- Vulnerable to Denial of Service attack", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2017-12-13T00:00:00", "id": "D5B6D151-1887-11E8-94F7-9C5C8E75236A", "href": "https://vuxml.freebsd.org/freebsd/d5b6d151-1887-11e8-94f7-9c5c8e75236a.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-19T15:51:32", "description": "\n\nSquid security advisory 2016:3 reports:\n\nDue to a buffer overrun Squid pinger binary is vulnerable to\n\t denial of service or information leak attack when processing\n\t ICMPv6 packets.\nThis bug also permits the server response to manipulate other\n\t ICMP and ICMPv6 queries processing to cause information leak.\nThis bug allows any remote server to perform a denial of service\n\t attack on the Squid service by crashing the pinger. This may\n\t affect Squid HTTP routing decisions. In some configurations,\n\t sub-optimal routing decisions may result in serious service\n\t degradation or even transaction failures.\nIf the system does not contain buffer-overrun protection leading\n\t to that crash this bug will instead allow attackers to leak\n\t arbitrary amounts of information from the heap into Squid log\n\t files. This is of higher importance than usual because the pinger\n\t process operates with root priviliges.\n\nSquid security advisory 2016:4 reports:\n\nDue to incorrect bounds checking Squid is vulnerable to a denial\n\t of service attack when processing HTTP responses.\nThis problem allows a malicious client script and remote server\n\t delivering certain unusual HTTP response syntax to trigger a\n\t denial of service for all clients accessing the Squid service.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2016-03-28T00:00:00", "type": "freebsd", "title": "squid -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948"], "modified": "2016-03-28T00:00:00", "id": "297117BA-F92D-11E5-92CE-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/297117ba-f92d-11e5-92ce-002590263bf5.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated squid packages fix security vulnerability: Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-03-07T11:20:30", "type": "mageia", "title": "Updated squid packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571"], "modified": "2016-03-07T11:20:30", "id": "MGASA-2016-0095", "href": "https://advisories.mageia.org/MGASA-2016-0095.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Updated squid packages fix security vulnerabilities: Due to a buffer overrun, the Squid pinger binary in Squid before 3.5.16 is vulnerable to a denial of service or information leak attack when processing ICMPv6 packets. This bug also permits the server response to manipulate other ICMP and ICMPv6 queries processing to cause information leaks (CVE-2016-3947). Due to incorrect bounds checking, Squid before 3.5.16 is vulnerable to a denial of service attack when processing HTTP responses (CVE-2016-3948). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2016-04-06T14:09:53", "type": "mageia", "title": "Updated squid packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948"], "modified": "2016-04-06T14:09:53", "id": "MGASA-2016-0133", "href": "https://advisories.mageia.org/MGASA-2016-0133.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-06T15:38:05", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: squid-4.0.23-2.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2018-02-06T15:38:05", "id": "FEDORA:6F39E6015F66", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZB6HQWK7V2VCEVH35633BALACCWNOCMP/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2016-07-13T00:00:11", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: squid-3.5.10-4.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2016-07-13T00:00:11", "id": "FEDORA:5FDDD607973C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TUSMYOQLTNGZMOOC7JH4PUKJJAZCFN2Y/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {}, "published": "2016-05-06T19:58:05", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: squid-3.5.10-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3455", "CVE-2015-5400", "CVE-2016-2571", "CVE-2016-2572"], "modified": "2016-05-06T19:58:05", "id": "FEDORA:49B4D604B01E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YXT6BZAGVIC4IV3QJP2JCERHHTMP5O4Q/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "eCAP is a software interface that allows a network application, such as an HTTP proxy or an ICAP server, to outsource content analysis and adaptation to a loadable module. For each applicable protocol message being processed, an eCAP-enabled host application supplies the message details to the adaptation module and gets back an adapted message, a \"not interested\" response, or a \"block this message now!\" instruction. These exchanges often include message bodies. The adaptation module can also exchange meta-information with the host application to supply additional details such as configuration options, a reason behind the decision to ignore a message, or a detected virus name. If you are familiar with the ICAP protocol (RFC 3507), then you may think of eCAP as an \"embedded ICAP\", where network interactions with an ICAP server are replaced with function calls to an adaptation module. ", "cvss3": {}, "published": "2016-05-06T19:58:05", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: libecap-1.0.0-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3455", "CVE-2015-5400", "CVE-2016-2571", "CVE-2016-2572"], "modified": "2016-05-06T19:58:05", "id": "FEDORA:3891B6342020", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BRWBYYXA4UCNAPCE6U7N6HAIPZ4MPVOX/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2016-07-12T20:35:35", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: squid-3.5.19-2.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2016-07-12T20:35:35", "id": "FEDORA:CE95660677B3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UDA22FZ3PENTZHB636VUSXD3FPICUKKQ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2023-02-08T17:14:46", "description": "**Issue Overview:**\n\nThe Squid Software Foundation Squid HTTP Caching Proxy contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request.(CVE-2018-1000027)\n\nThe Squid Software Foundation Squid HTTP Caching Proxy contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.(CVE-2018-1000024)\n\n \n**Affected Packages:** \n\n\nsquid\n\n \n**Issue Correction:** \nRun _yum update squid_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 squid-3.5.20-11.35.amzn1.i686 \n \u00a0\u00a0\u00a0 squid-migration-script-3.5.20-11.35.amzn1.i686 \n \u00a0\u00a0\u00a0 squid-debuginfo-3.5.20-11.35.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 squid-3.5.20-11.35.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 squid-debuginfo-3.5.20-11.35.amzn1.x86_64 \n \u00a0\u00a0\u00a0 squid-3.5.20-11.35.amzn1.x86_64 \n \u00a0\u00a0\u00a0 squid-migration-script-3.5.20-11.35.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2018-1000024](<https://access.redhat.com/security/cve/CVE-2018-1000024>), [CVE-2018-1000027](<https://access.redhat.com/security/cve/CVE-2018-1000027>)\n\nMitre: [CVE-2018-1000024](<https://vulners.com/cve/CVE-2018-1000024>), [CVE-2018-1000027](<https://vulners.com/cve/CVE-2018-1000027>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-19T17:10:00", "type": "amazon", "title": "Medium: squid", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2018-09-19T23:33:00", "id": "ALAS-2018-1081", "href": "https://alas.aws.amazon.com/ALAS-2018-1081.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2021-12-31T04:26:38", "description": "Package : squid3\nVersion : 3.1.20-2.2+deb7u8\nCVE ID : CVE-2018-1000024 CVE-2018-1000027\nDebian Bug : 888719 888720\n\n\nSquid, a high-performance proxy caching server for web clients, has been\nfound vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\nCVE-2018-1000024\n\n Incorrect pointer handling resulted in the ability of a remote\n server to return a crafted ESI response which could trigger a denial\n of service for all clients accessing the Squid service. This issue\n affects the Squid custom ESI parser. \n\nCVE-2018-1000027\n\n Incorrect pointer handling resulted in the possibility of a remote\n client delivering certain HTTP requests in conjunction with certain\n trusted server reponses involving the processing of ESI responses or\n downloading of intermediate CA certificates to trigger a denial of\n service for all clients accessing the squid service.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n3.1.20-2.2+deb7u8.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-02T14:42:06", "type": "debian", "title": "[SECURITY] [DLA 1266-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2018-02-02T14:42:06", "id": "DEBIAN:DLA-1266-1:73D47", "href": "https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T21:43:14", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4122-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nFebruary 23, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid3\nCVE ID : CVE-2018-1000024 CVE-2018-1000027\nDebian Bug : 888719 888720\n\nSeveral vulnerabilities have been discovered in Squid3, a fully featured\nweb proxy cache. The Common Vulnerabilities and Exposures project\nidentifies the following issues:\n\nCVE-2018-1000024\n\n Louis Dion-Marcil discovered that Squid does not properly handle\n processing of certain ESI responses. A remote server delivering\n certain ESI response syntax can take advantage of this flaw to cause\n a denial of service for all clients accessing the Squid service.\n This problem is limited to the Squid custom ESI parser.\n\n http://www.squid-cache.org/Advisories/SQUID-2018_1.txt\n\nCVE-2018-1000027\n\n Louis Dion-Marcil discovered that Squid is prone to a denial of\n service vulnerability when processing ESI responses or downloading\n intermediate CA certificates. A remote attacker can take advantage\n of this flaw to cause a denial of service for all clients accessing\n the Squid service.\n\n http://www.squid-cache.org/Advisories/SQUID-2018_2.txt\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 3.4.8-6+deb8u5.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 3.5.23-5+deb9u1.\n\nWe recommend that you upgrade your squid3 packages.\n\nFor the detailed security status of squid3 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/squid3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-22T23:45:07", "type": "debian", "title": "[SECURITY] [DSA 4122-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2018-02-22T23:45:07", "id": "DEBIAN:DSA-4122-1:4EE00", "href": "https://lists.debian.org/debian-security-announce/2018/msg00047.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-18T23:51:50", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4122-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nFebruary 23, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid3\nCVE ID : CVE-2018-1000024 CVE-2018-1000027\nDebian Bug : 888719 888720\n\nSeveral vulnerabilities have been discovered in Squid3, a fully featured\nweb proxy cache. The Common Vulnerabilities and Exposures project\nidentifies the following issues:\n\nCVE-2018-1000024\n\n Louis Dion-Marcil discovered that Squid does not properly handle\n processing of certain ESI responses. A remote server delivering\n certain ESI response syntax can take advantage of this flaw to cause\n a denial of service for all clients accessing the Squid service.\n This problem is limited to the Squid custom ESI parser.\n\n http://www.squid-cache.org/Advisories/SQUID-2018_1.txt\n\nCVE-2018-1000027\n\n Louis Dion-Marcil discovered that Squid is prone to a denial of\n service vulnerability when processing ESI responses or downloading\n intermediate CA certificates. A remote attacker can take advantage\n of this flaw to cause a denial of service for all clients accessing\n the Squid service.\n\n http://www.squid-cache.org/Advisories/SQUID-2018_2.txt\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 3.4.8-6+deb8u5.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 3.5.23-5+deb9u1.\n\nWe recommend that you upgrade your squid3 packages.\n\nFor the detailed security status of squid3 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/squid3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-22T23:45:07", "type": "debian", "title": "[SECURITY] [DSA 4122-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2018-02-22T23:45:07", "id": "DEBIAN:DSA-4122-1:653E9", "href": "https://lists.debian.org/debian-security-announce/2018/msg00047.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-05T05:03:30", "description": "Package : squid3\nVersion : 3.1.6-1.2+squeeze6\nCVE ID : CVE-2016-2569 CVE-2016-2571\nDebian Bug : 816011\n\nSeveral security issues have been discovered in the Squid caching proxy.\n\nCVE-2016-2569\n\n Squid wrongly checked boundaries of String data, making it possible\n for remote attackers to cause a Denial-of-Service by a crafted HTTP\n Vary header. Issue found by Mathias Fischer from Open Systems AG.\n\nCVE-2016-2571\n\n Squid was susceptible to a Denial of Service caused by storing\n certain kind of data after failing to parse a response. Issue\n discovered by Alex Rousskov from The Measurement Factory\n\nFor Debian 6 "Squeeze", these issues have been fixed in squid3 version\n3.1.6-1.2+squeeze6. We recommend you to upgrade your squid3 packages.\n\nLearn more about the Debian Long Term Support (LTS) Project and how to\napply these updates at: https://wiki.debian.org/LTS/\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-02-29T22:18:34", "type": "debian", "title": "[SECURITY] [DLA 445-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2571"], "modified": "2016-02-29T22:18:34", "id": "DEBIAN:DLA-445-1:92CBA", "href": "https://lists.debian.org/debian-lts-announce/2016/02/msg00037.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-10T16:18:42", "description": "Package : squid\nVersion : 2.7.STABLE9-4.1+deb7u3\nCVE ID : CVE-2018-1000027\nDebian Bug : 888720\n\n\nSquid, a high-performance proxy caching server for web clients, has been\nfound vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\nCVE-2018-1000027\n\n Incorrect pointer handling resulted in the possibility of a remote\n client delivering certain HTTP requests in conjunction with certain\n trusted server reponses involving the processing of ESI responses or\n downloading of intermediate CA certificates to trigger a denial of\n service for all clients accessing the squid service.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n2.7.STABLE9-4.1+deb7u3.\n\nWe recommend that you upgrade your squid packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-02T14:43:06", "type": "debian", "title": "[SECURITY] [DLA 1267-1] squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027"], "modified": "2018-02-02T14:43:06", "id": "DEBIAN:DLA-1267-1:BBE67", "href": "https://lists.debian.org/debian-lts-announce/2018/02/msg00002.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-23T22:13:25", "description": "Package : squid3\nVersion : 3.1.6-1.2+squeeze7\nCVE ID : CVE-2016-2569\nDebian Bug : 816601\n\nThe backported patch to solve CVE-2016-2569 yielded to failed assertions\nthat made squid3 to crash when closing connections. The fix for this CVE\nstrongly relies on exception handling present in more recent versions of\nsquid3, that I failed to identify in the previous update. I have\nreverted the patch to take the safest position, taking into account that\nSqueeze users should migrate to a supported version of Debian. This\npost-EOL update is intended to keep a functional squid3 package in the\narchive.\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-03-03T21:59:04", "type": "debian", "title": "[SECURITY] [DLA 445-2] squid3 regression update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569"], "modified": "2016-03-03T21:59:04", "id": "DEBIAN:DLA-445-2:57DA3", "href": "https://lists.debian.org/debian-lts-announce/2016/03/msg00001.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-10T00:00:00", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3522-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nMarch 20, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid3\nCVE ID : CVE-2016-2571\n\nAlex Rousskov from The Measurement Factory discovered that Squid3, a\nfully featured web proxy cache, does not properly handle errors for\ncertain malformed HTTP responses. A remote HTTP server can exploit this\nflaw to cause a denial of service (assertion failure and daemon exit).\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 3.1.20-2.2+deb7u4.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.5.15-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.15-1.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-03-20T18:36:35", "type": "debian", "title": "[SECURITY] [DSA 3522-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2571"], "modified": "2016-03-20T18:36:35", "id": "DEBIAN:DSA-3522-1:17C1E", "href": "https://lists.debian.org/debian-security-announce/2016/msg00096.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T22:16:25", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3522-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nMarch 20, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : squid3\nCVE ID : CVE-2016-2571\n\nAlex Rousskov from The Measurement Factory discovered that Squid3, a\nfully featured web proxy cache, does not properly handle errors for\ncertain malformed HTTP responses. A remote HTTP server can exploit this\nflaw to cause a denial of service (assertion failure and daemon exit).\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 3.1.20-2.2+deb7u4.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.5.15-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.15-1.\n\nWe recommend that you upgrade your squid3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-03-20T18:36:35", "type": "debian", "title": "[SECURITY] [DSA 3522-1] squid3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2571"], "modified": "2016-03-20T18:36:35", "id": "DEBIAN:DSA-3522-1:93CB1", "href": "https://lists.debian.org/debian-security-announce/2016/msg00096.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-08-05T05:18:09", "description": "\nSquid, a high-performance proxy caching server for web clients, has been\nfound vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\n\n* [CVE-2018-1000024](https://security-tracker.debian.org/tracker/CVE-2018-1000024)\nIncorrect pointer handling resulted in the ability of a remote\n server to return a crafted ESI response which could trigger a denial\n of service for all clients accessing the Squid service. This issue\n affects the Squid custom ESI parser.\n* [CVE-2018-1000027](https://security-tracker.debian.org/tracker/CVE-2018-1000027)\nIncorrect pointer handling resulted in the possibility of a remote\n client delivering certain HTTP requests in conjunction with certain\n trusted server reponses involving the processing of ESI responses or\n downloading of intermediate CA certificates to trigger a denial of\n service for all clients accessing the squid service.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n3.1.20-2.2+deb7u8.\n\n\nWe recommend that you upgrade your squid3 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-02T00:00:00", "type": "osv", "title": "squid3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2022-08-05T05:18:06", "id": "OSV:DLA-1266-1", "href": "https://osv.dev/vulnerability/DLA-1266-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:13:41", "description": "\nSeveral vulnerabilities have been discovered in Squid3, a fully featured\nweb proxy cache. The Common Vulnerabilities and Exposures project\nidentifies the following issues:\n\n\n* [CVE-2018-1000024](https://security-tracker.debian.org/tracker/CVE-2018-1000024)\nLouis Dion-Marcil discovered that Squid does not properly handle\n processing of certain ESI responses. A remote server delivering\n certain ESI response syntax can take advantage of this flaw to cause\n a denial of service for all clients accessing the Squid service.\n This problem is limited to the Squid custom ESI parser.\n* [CVE-2018-1000027](https://security-tracker.debian.org/tracker/CVE-2018-1000027)\nLouis Dion-Marcil discovered that Squid is prone to a denial of\n service vulnerability when processing ESI responses or downloading\n intermediate CA certificates. A remote attacker can take advantage\n of this flaw to cause a denial of service for all clients accessing\n the Squid service.\n\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 3.4.8-6+deb8u5.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 3.5.23-5+deb9u1.\n\n\nWe recommend that you upgrade your squid3 packages.\n\n\nFor the detailed security status of squid3 please refer to \nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/squid3](https://security-tracker.debian.org/tracker/squid3)\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-23T00:00:00", "type": "osv", "title": "squid3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027"], "modified": "2022-08-10T07:13:38", "id": "OSV:DSA-4122-1", "href": "https://osv.dev/vulnerability/DSA-4122-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-05T05:19:31", "description": "\nThe backported patch to solve [CVE-2016-2569](https://security-tracker.debian.org/tracker/CVE-2016-2569) yielded to failed assertions\nthat made squid3 to crash when closing connections. The fix for this CVE\nstrongly relies on exception handling present in more recent versions of\nsquid3, that I failed to identify in the previous update. I have\nreverted the patch to take the safest position, taking into account that\nSqueeze users should migrate to a supported version of Debian. This\npost-EOL update is intended to keep a functional squid3 package in the\narchive.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-03-03T00:00:00", "type": "osv", "title": "squid3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2571"], "modified": "2022-08-05T05:19:30", "id": "OSV:DLA-445-1", "href": "https://osv.dev/vulnerability/DLA-445-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-05T05:18:08", "description": "\nSquid, a high-performance proxy caching server for web clients, has been\nfound vulnerable to denial of service attacks associated with ESI\nresponse processing and intermediate CA certificate downloading.\n\n\n* [CVE-2018-1000027](https://security-tracker.debian.org/tracker/CVE-2018-1000027)\nIncorrect pointer handling resulted in the possibility of a remote\n client delivering certain HTTP requests in conjunction with certain\n trusted server reponses involving the processing of ESI responses or\n downloading of intermediate CA certificates to trigger a denial of\n service for all clients accessing the squid service.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n2.7.STABLE9-4.1+deb7u3.\n\n\nWe recommend that you upgrade your squid packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-02T00:00:00", "type": "osv", "title": "squid - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027"], "modified": "2022-08-05T05:18:06", "id": "OSV:DLA-1267-1", "href": "https://osv.dev/vulnerability/DLA-1267-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-21T08:13:39", "description": "\nThe backported patch to solve [CVE-2016-2569](https://security-tracker.debian.org/tracker/CVE-2016-2569) yielded to failed assertions\nthat made squid3 to crash when closing connections. The fix for this CVE\nstrongly relies on exception handling present in more recent versions of\nsquid3, that I failed to identify in the previous update. I have\nreverted the patch to take the safest position, taking into account that\nSqueeze users should migrate to a supported version of Debian. This\npost-EOL update is intended to keep a functional squid3 package in the\narchive.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-03-03T00:00:00", "type": "osv", "title": "squid3 - regression update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569"], "modified": "2022-07-21T05:54:25", "id": "OSV:DLA-445-2", "href": "https://osv.dev/vulnerability/DLA-445-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:08:30", "description": "\nAlex Rousskov from The Measurement Factory discovered that Squid3, a\nfully featured web proxy cache, does not properly handle errors for\ncertain malformed HTTP responses. A remote HTTP server can exploit this\nflaw to cause a denial of service (assertion failure and daemon exit).\n\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 3.1.20-2.2+deb7u4.\n\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.4.8-6+deb8u2.\n\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.5.15-1.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.15-1.\n\n\nWe recommend that you upgrade your squid3 packages.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-03-20T00:00:00", "type": "osv", "title": "squid3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2571"], "modified": "2022-08-10T07:08:27", "id": "OSV:DSA-3522-1", "href": "https://osv.dev/vulnerability/DSA-3522-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:09:40", "description": "\nSeveral security issues have been discovered in the Squid caching proxy.\n\n\n* [CVE-2016-4051](https://security-tracker.debian.org/tracker/CVE-2016-4051):\n\n CESG and Yuriy M. Kaminskiy discovered that Squid cachemgr.cgi was\n vulnerable to a buffer overflow when processing remotely supplied\n inputs relayed through Squid.\n* [CVE-2016-4052](https://security-tracker.debian.org/tracker/CVE-2016-4052):\n\n CESG discovered that a buffer overflow made Squid vulnerable to a\n Denial of Service (DoS) attack when processing ESI responses.\n* [CVE-2016-4053](https://security-tracker.debian.org/tracker/CVE-2016-4053):\n\n CESG found that Squid was vulnerable to public information\n disclosure of the server stack layout when processing ESI responses.\n* [CVE-2016-4054](https://security-tracker.debian.org/tracker/CVE-2016-4054):\n\n CESG discovered that Squid was vulnerable to remote code execution\n when processing ESI responses.\n* [CVE-2016-4554](https://security-tracker.debian.org/tracker/CVE-2016-4554):\n\n Jianjun Chen found that Squid was vulnerable to a header smuggling\n attack that could lead to cache poisoning and to bypass of\n same-origin security policy in Squid and some client browsers.\n* [CVE-2016-4555](https://security-tracker.debian.org/tracker/CVE-2016-4555),\n [CVE-2016-4556](https://security-tracker.debian.org/tracker/CVE-2016-4556):\n\n \"bfek-18\" and \"@vftable\" found that Squid was vulnerable to a Denial\n of Service (DoS) attack when processing ESI responses, due to\n incorrect pointer handling and reference counting.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.4.8-6+deb8u3.\n\n\nFor the testing (stretch) and unstable (sid) distributions, these\nproblems have been fixed in version 3.5.19-1.\n\n\nWe recommend that you upgrade your squid3 packages.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-22T00:00:00", "type": "osv", "title": "squid3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4051", "CVE-2016-4555", "CVE-2016-4052", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-4054", "CVE-2016-4053", "CVE-2016-3948"], "modified": "2022-08-10T07:09:02", "id": "OSV:DSA-3625-1", "href": "https://osv.dev/vulnerability/DSA-3625-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:35", "description": "[7:3.5.20-15]\n- Resolves: #1690551 - Squid cache_peer DNS lookup failed when not all lower\n case\n- Resolves: #1680022 - squid cant display download/upload packet size for HTTPS\n sites\n- Resolves: #1717430 - Excessive memory usage when running out of descriptors\n- Resolves: #1676420 - Cache siblings return wrongly cached gateway timeouts\n- Resolves: #1729435 - CVE-2019-13345 squid: XSS via user_name or auth parameter\n in cachemgr.cgi\n- Resolves: #1582301 - CVE-2018-1000024 CVE-2018-1000027 squid: various flaws\n[7:3.5.20-13]\n- Resolves: #1620546 - migration of upstream squid", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-04-06T00:00:00", "type": "oraclelinux", "title": "squid security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024", "CVE-2018-1000027", "CVE-2019-13345"], "modified": "2020-04-06T00:00:00", "id": "ELSA-2020-1068", "href": "http://linux.oracle.com/errata/ELSA-2020-1068.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:25:07", "description": "[7:3.5.20-2]\n- Resolves: #1378025 - host_verify_strict only accepts lowercase arguments\n[7:3.5.20-1]\n- Resolves: #1273942 - Rebase squid to latest mature 3.5 version (3.5.20)\n[7:3.5.10-9]\n- Related: #1349775 - Provide migration tools needed due to rebase\n to squid 3.5 as a separate sub-package\n[7:3.5.10-8]\n- Related: #1349775 - Provide migration tools needed due to rebase\n to squid 3.5 as a separate sub-package\n[7:3.5.10-7]\n- Related: #1349775 - Provide migration tools needed due to rebase\n to squid 3.5 as a separate sub-package\n[7:3.5.10-6]\n- Related: #1349775 - Provide migration tools needed due to rebase\n to squid 3.5 as a separate sub-package\n[7:3.5.10-5]\n- Related: #1349775 - Provide migration tools needed due to rebase\n to squid 3.5 as a separate sub-package\n[7:3.5.10-4]\n- Resolves: #1349775 - Provide migration tools needed due to rebase\n to squid 3.5 as a separate sub-package\n[7:3.5.10-3]\n- Resolves: #1330186 - digest doesn't properly work with squid 3.3 on CentOS 7\n[7:3.5.10-2]\n- Resolves: #1336387 - Squid send wrong respond for GET-request following\n Range-GET request\n[7:3.5.10-1]\n- Resolves: #1273942 - Rebase squid to latest mature 3.5 version (3.5.10)\n- Resolves: #1322770 - CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572\n CVE-2016-3948 squid: various flaws\n- Resolves: #1254016 - IPv4 fallback is not working when connecting\n to a dualstack host with non-functional IPv6\n- Resolves: #1254018 - should BuildRequire: g++\n- Resolves: #1262456 - Squid delays on FQDNs that don't contains AAAA record\n- Resolves: #1336940 - Disable squid systemd unit start/stop timeouts\n- Resolves: #1344197 - /usr/lib/firewalld/services/squid.xml conflicts between\n attempted installs of squid-7:3.3.8-31.el7.x86_64 and\n firewalld-0.4.2-1.el7.noarch\n- Resolves: #1299972 - squid file descriptor limit hardcoded to 16384 via\n compile option in spec file\n[7:3.3.8-31]\n- Resolves: #1283078 - max_filedescriptors in squid.conf is ignored\n[7:3.3.8-30]\n- Related: #1334509 - CVE-2016-4553 squid: Cache poisoning issue in\n HTTP Request handling\n- Related: #1334492 - CVE-2016-4554 CVE-2016-4555 CVE-2016-4556\n squid: various flaws\n[7:3.3.8-29]\n- Related: #1330577 - CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: multiple\n issues in ESI processing\n[7:3.3.8-28]\n- Related: #1330577 - CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: multiple\n issues in ESI processing\n[7:3.3.8-27]\n- Resolves: #1330577 - CVE-2016-4051 squid: buffer overflow in cachemgr.cgi", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-09T00:00:00", "type": "oraclelinux", "title": "squid security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2016-11-09T00:00:00", "id": "ELSA-2016-2600", "href": "http://linux.oracle.com/errata/ELSA-2016-2600.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-12-17T15:21:17", "description": "The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-09T23:29:00", "type": "debiancve", "title": "CVE-2018-1000024", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024"], "modified": "2018-02-09T23:29:00", "id": "DEBIANCVE:CVE-2018-1000024", "href": "https://security-tracker.debian.org/tracker/CVE-2018-1000024", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-12-17T15:21:17", "description": "The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-09T23:29:00", "type": "debiancve", "title": "CVE-2018-1000027", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027"], "modified": "2018-02-09T23:29:00", "id": "DEBIANCVE:CVE-2018-1000027", "href": "https://security-tracker.debian.org/tracker/CVE-2018-1000027", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-12-17T15:21:17", "description": "Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T05:59:00", "type": "debiancve", "title": "CVE-2016-2569", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569"], "modified": "2016-02-27T05:59:00", "id": "DEBIANCVE:CVE-2016-2569", "href": "https://security-tracker.debian.org/tracker/CVE-2016-2569", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-12-17T15:21:17", "description": "Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-07T18:59:00", "type": "debiancve", "title": "CVE-2016-3948", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3948"], "modified": "2016-04-07T18:59:00", "id": "DEBIANCVE:CVE-2016-3948", "href": "https://security-tracker.debian.org/tracker/CVE-2016-3948", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-12-17T15:21:17", "description": "The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T05:59:00", "type": "debiancve", "title": "CVE-2016-2570", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2570"], "modified": "2016-02-27T05:59:00", "id": "DEBIANCVE:CVE-2016-2570", "href": "https://security-tracker.debian.org/tracker/CVE-2016-2570", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-12-17T15:21:17", "description": "http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T05:59:00", "type": "debiancve", "title": "CVE-2016-2571", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2571"], "modified": "2016-02-27T05:59:00", "id": "DEBIANCVE:CVE-2016-2571", "href": "https://security-tracker.debian.org/tracker/CVE-2016-2571", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-07-07T11:11:12", "description": "The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.\n#### Mitigation\n\nA workaround for this issue is to not use the internal ESI parser, which can be achieved by adding either the "esi_parser expat" or "esi_parser libxml2" configuration directive to the squid configuration file (for example /etc/squid/squid.conf). \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-05T07:33:58", "type": "redhatcve", "title": "CVE-2018-1000024", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024"], "modified": "2022-07-07T10:08:26", "id": "RH:CVE-2018-1000024", "href": "https://access.redhat.com/security/cve/cve-2018-1000024", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T11:11:11", "description": "The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.\n#### Mitigation\n\nA workaround for this issue is to set the "log_uses_indirect_client off" configuration directive in the squid configuration file (for example /etc/squid/squid.conf). \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-29T15:20:19", "type": "redhatcve", "title": "CVE-2018-1000027", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027"], "modified": "2022-07-07T10:10:28", "id": "RH:CVE-2018-1000027", "href": "https://access.redhat.com/security/cve/cve-2018-1000027", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:52:45", "description": "The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to\n3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability\nin ESI Response Processing that can result in Denial of Service for all\nclients using the proxy.. This attack appear to be exploitable via Remote\nserver delivers an HTTP response payload containing valid but unusual ESI\nsyntax.. This vulnerability appears to have been fixed in 4.0.23 and later.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888719>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-29T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1000024", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024"], "modified": "2018-01-29T00:00:00", "id": "UB:CVE-2018-1000024", "href": "https://ubuntu.com/security/CVE-2018-1000024", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:52:46", "description": "The Squid Software Foundation Squid HTTP Caching Proxy version prior to\nversion 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP\nResponse X-Forwarded-For header processing that can result in Denial of\nService to all clients of the proxy. This attack appear to be exploitable\nvia Remote HTTP server responding with an X-Forwarded-For header to certain\ntypes of HTTP request. This vulnerability appears to have been fixed in\n4.0.23 and later.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888720>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-29T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1000027", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027"], "modified": "2018-01-29T00:00:00", "id": "UB:CVE-2018-1000027", "href": "https://ubuntu.com/security/CVE-2018-1000027", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:12:19", "description": "Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds\nchecking, which allows remote attackers to cause a denial of service via a\ncrafted HTTP response, related to Vary headers.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819784>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | needs substantial backporting There are no current plans to fix this CVE in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-07T00:00:00", "type": "ubuntucve", "title": "CVE-2016-3948", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3948"], "modified": "2016-04-07T00:00:00", "id": "UB:CVE-2016-3948", "href": "https://ubuntu.com/security/CVE-2016-3948", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:12:45", "description": "Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data\nto String objects, which allows remote servers to cause a denial of service\n(assertion failure and daemon exit) via a long string, as demonstrated by a\ncrafted HTTP Vary header.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816011>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | needs substantial backporting introduced a regression in Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816601 There are no current plans to fix this CVE in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-2569", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569"], "modified": "2016-02-27T00:00:00", "id": "UB:CVE-2016-2569", "href": "https://ubuntu.com/security/CVE-2016-2569", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:12:44", "description": "The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x\nbefore 4.0.7 does not check buffer limits during XML parsing, which allows\nremote HTTP servers to cause a denial of service (assertion failure and\ndaemon exit) via a crafted XML document, related to esi/CustomParser.cc and\nesi/CustomParser.h.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816011>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | needs substantial backporting There are no current plans to fix this CVE in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-2570", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2570"], "modified": "2016-02-27T00:00:00", "id": "UB:CVE-2016-2570", "href": "https://ubuntu.com/security/CVE-2016-2570", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:12:44", "description": "http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the\nstorage of certain data after a response-parsing failure, which allows\nremote HTTP servers to cause a denial of service (assertion failure and\ndaemon exit) via a malformed response.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816011>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | needs substantial backporting\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-2571", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2571"], "modified": "2016-02-27T00:00:00", "id": "UB:CVE-2016-2571", "href": "https://ubuntu.com/security/CVE-2016-2571", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-02-09T14:01:20", "description": "The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-09T23:29:00", "type": "cve", "title": "CVE-2018-1000024", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/a:squid-cache:squid:3.5.27", "cpe:/a:squid-cache:squid:4.0.22"], "id": "CVE-2018-1000024", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000024", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.27:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:01:20", "description": "The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-09T23:29:00", "type": "cve", "title": "CVE-2018-1000027", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027"], "modified": "2019-07-17T16:15:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2018-1000027", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000027", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:07:37", "description": "Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T05:59:00", "type": "cve", "title": "CVE-2016-2569", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569"], "modified": "2018-03-16T01:29:00", "cpe": ["cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.1.0.10", "cpe:/a:squid-cache:squid:3.1.0.1", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.4.10", "cpe:/a:squid-cache:squid:3.1.0.2", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.1.0.16", "cpe:/a:squid-cache:squid:3.1.0.15", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.0.stable22", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.1.3", "cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.1.0.13", "cpe:/a:squid-cache:squid:3.1.4", "cpe:/a:squid-cache:squid:3.0.stable10", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.1.0.17", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.0.stable9", "cpe:/a:squid-cache:squid:3.0.stable21", "cpe:/a:squid-cache:squid:3.0.stable24", "cpe:/a:squid-cache:squid:3.1.0.4", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.1.0.18", "cpe:/a:squid-cache:squid:3.1.7", "cpe:/a:squid-cache:squid:3.0.stable4", "cpe:/a:squid-cache:squid:3.0.stable19", "cpe:/a:squid-cache:squid:3.5.0.2", "cpe:/a:squid-cache:squid:3.1.0.7", "cpe:/a:squid-cache:squid:3.0.stable3", "cpe:/a:squid-cache:squid:3.0.stable1", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.1", "cpe:/a:squid-cache:squid:3.3.13", "cpe:/a:squid-cache:squid:3.0", "cpe:/a:squid-cache:squid:3.1.1", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:4.0.3", "cpe:/a:squid-cache:squid:3.4.9", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.0.stable16", "cpe:/a:squid-cache:squid:3.0.stable14", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.1.2", "cpe:/a:squid-cache:squid:3.0.stable12", "cpe:/a:squid-cache:squid:3.1.0.3", "cpe:/a:squid-cache:squid:3.0.stable5", "cpe:/a:squid-cache:squid:3.4.11", "cpe:/a:squid-cache:squid:3.0.stable17", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.0.stable18", "cpe:/a:squid-cache:squid:3.1.0.11", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.1.0.14", "cpe:/a:squid-cache:squid:4.0.5", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.1.8", "cpe:/a:squid-cache:squid:4.0.6", "cpe:/a:squid-cache:squid:3.4.13", "cpe:/a:squid-cache:squid:4.0.4", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.4.12", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.0.stable23", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.2.13", "cpe:/a:squid-cache:squid:3.0.stable20", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.3.12", "cpe:/a:squid-cache:squid:3.0.stable6", "cpe:/a:squid-cache:squid:3.0.stable7", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.4.4", "cpe:/a:squid-cache:squid:3.1.0.6", "cpe:/a:squid-cache:squid:3.1.0.5", "cpe:/a:squid-cache:squid:3.4.8", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.0.stable8", "cpe:/a:squid-cache:squid:3.1.6", "cpe:/a:squid-cache:squid:3.0.stable25", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.0.stable15", "cpe:/a:squid-cache:squid:3.1.0.9", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.5.0.1", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.5.0.3", "cpe:/a:squid-cache:squid:3.0.stable13", "cpe:/a:squid-cache:squid:4.0.2", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.0.stable11", "cpe:/a:squid-cache:squid:3.5.0.4", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.1.0.12", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.1.0.8", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.1.9", "cpe:/a:squid-cache:squid:3.1.13", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:4.0.1", "cpe:/a:squid-cache:squid:3.5.1", "cpe:/a:squid-cache:squid:3.0.stable2", "cpe:/a:squid-cache:squid:3.1.5.1", "cpe:/a:squid-cache:squid:3.1.5"], "id": "CVE-2016-2569", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2569", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable20:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre5:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre4:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable23:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre2:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre1:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre3:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre6:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable21:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable25:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable11:rc1:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable24:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable22:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable16:rc1:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre7:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable13:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:10:30", "description": "Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-07T18:59:00", "type": "cve", "title": "CVE-2016-3948", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3948"], "modified": "2018-03-16T01:29:00", "cpe": ["cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.1.0.10", "cpe:/a:squid-cache:squid:3.1.0.1", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.5.5", "cpe:/a:squid-cache:squid:3.4.10", "cpe:/a:squid-cache:squid:3.5.13", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.1.0.2", "cpe:/a:squid-cache:squid:3.1.0.16", "cpe:/a:squid-cache:squid:3.1.0.15", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.0.stable22", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.1.3", "cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.1.0.13", "cpe:/a:squid-cache:squid:3.1.4", "cpe:/a:squid-cache:squid:3.5.10", "cpe:/a:squid-cache:squid:3.0.stable10", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.1.0.17", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.0.stable9", "cpe:/a:squid-cache:squid:3.5.9", "cpe:/a:squid-cache:squid:3.0.stable21", "cpe:/a:squid-cache:squid:3.0.stable24", "cpe:/a:squid-cache:squid:3.5.14", "cpe:/a:squid-cache:squid:3.1.0.4", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.1.0.18", "cpe:/a:squid-cache:squid:3.1.7", "cpe:/a:squid-cache:squid:3.0.stable4", "cpe:/a:squid-cache:squid:3.0.stable19", "cpe:/a:squid-cache:squid:3.5.0.2", "cpe:/a:squid-cache:squid:3.1.0.7", "cpe:/a:squid-cache:squid:3.0.stable3", "cpe:/a:squid-cache:squid:3.0.stable1", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.1", "cpe:/a:squid-cache:squid:3.3.13", "cpe:/a:squid-cache:squid:3.0", "cpe:/a:squid-cache:squid:3.1.1", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:4.0.3", "cpe:/a:squid-cache:squid:3.4.9", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.5.6", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.0.stable16", "cpe:/a:squid-cache:squid:3.0.stable14", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.1.2", "cpe:/a:squid-cache:squid:3.0.stable12", "cpe:/a:squid-cache:squid:3.1.0.3", "cpe:/a:squid-cache:squid:3.0.stable5", "cpe:/a:squid-cache:squid:3.4.11", "cpe:/a:squid-cache:squid:3.0.stable17", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.0.stable18", "cpe:/a:squid-cache:squid:3.1.0.11", "cpe:/a:squid-cache:squid:3.5.8", "cpe:/a:squid-cache:squid:3.5.3", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.1.0.14", "cpe:/a:squid-cache:squid:4.0.5", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.1.8", "cpe:/a:squid-cache:squid:4.0.6", "cpe:/a:squid-cache:squid:3.4.13", "cpe:/a:squid-cache:squid:4.0.4", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.4.12", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.0.stable23", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.2.13", "cpe:/a:squid-cache:squid:3.0.stable20", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.3.12", "cpe:/a:squid-cache:squid:3.0.stable6", "cpe:/a:squid-cache:squid:3.0.stable7", "cpe:/a:squid-cache:squid:3.5.2", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.5.15", "cpe:/a:squid-cache:squid:3.4.4", "cpe:/a:squid-cache:squid:3.1.0.6", "cpe:/a:squid-cache:squid:3.1.0.5", "cpe:/a:squid-cache:squid:3.4.8", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.0.stable8", "cpe:/a:squid-cache:squid:3.5.11", "cpe:/a:squid-cache:squid:3.1.6", "cpe:/a:squid-cache:squid:3.0.stable25", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.0.stable15", "cpe:/a:squid-cache:squid:3.1.0.9", "cpe:/a:squid-cache:squid:3.5.4", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.5.0.1", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.5.0.3", "cpe:/a:squid-cache:squid:3.0.stable13", "cpe:/a:squid-cache:squid:4.0.2", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.0.stable11", "cpe:/a:squid-cache:squid:3.5.0.4", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.1.0.12", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.1.0.8", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.1.9", "cpe:/a:squid-cache:squid:3.1.13", "cpe:/a:squid-cache:squid:3.5.12", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:4.0.7", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:3.5.7", "cpe:/a:squid-cache:squid:4.0.1", "cpe:/a:squid-cache:squid:3.5.1", "cpe:/a:squid-cache:squid:3.0.stable2", "cpe:/a:squid-cache:squid:3.1.5.1", "cpe:/a:squid-cache:squid:3.1.5"], "id": "CVE-2016-3948", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable20:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre5:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre4:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable23:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre2:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre1:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre3:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre6:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable21:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable25:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable11:rc1:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable24:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable22:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable16:rc1:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre7:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable13:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:07:41", "description": "The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T05:59:00", "type": "cve", "title": "CVE-2016-2570", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2570"], "modified": "2018-03-16T01:29:00", "cpe": ["cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.1.0.10", "cpe:/a:squid-cache:squid:3.1.0.1", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.4.10", "cpe:/a:squid-cache:squid:3.1.0.2", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.1.0.16", "cpe:/a:squid-cache:squid:3.1.0.15", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.0.stable22", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.1.3", "cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.1.0.13", "cpe:/a:squid-cache:squid:3.1.4", "cpe:/a:squid-cache:squid:3.0.stable10", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.1.0.17", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.0.stable9", "cpe:/a:squid-cache:squid:3.0.stable21", "cpe:/a:squid-cache:squid:3.0.stable24", "cpe:/a:squid-cache:squid:3.1.0.4", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.1.0.18", "cpe:/a:squid-cache:squid:3.1.7", "cpe:/a:squid-cache:squid:3.0.stable4", "cpe:/a:squid-cache:squid:3.0.stable19", "cpe:/a:squid-cache:squid:3.5.0.2", "cpe:/a:squid-cache:squid:3.1.0.7", "cpe:/a:squid-cache:squid:3.0.stable3", "cpe:/a:squid-cache:squid:3.0.stable1", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.1", "cpe:/a:squid-cache:squid:3.3.13", "cpe:/a:squid-cache:squid:3.0", "cpe:/a:squid-cache:squid:3.1.1", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:4.0.3", "cpe:/a:squid-cache:squid:3.4.9", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.0.stable16", "cpe:/a:squid-cache:squid:3.0.stable14", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.1.2", "cpe:/a:squid-cache:squid:3.0.stable12", "cpe:/a:squid-cache:squid:3.1.0.3", "cpe:/a:squid-cache:squid:3.0.stable5", "cpe:/a:squid-cache:squid:3.4.11", "cpe:/a:squid-cache:squid:3.0.stable17", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.0.stable18", "cpe:/a:squid-cache:squid:3.1.0.11", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.1.0.14", "cpe:/a:squid-cache:squid:4.0.5", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.1.8", "cpe:/a:squid-cache:squid:4.0.6", "cpe:/a:squid-cache:squid:3.4.13", "cpe:/a:squid-cache:squid:4.0.4", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.4.12", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.0.stable23", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.2.13", "cpe:/a:squid-cache:squid:3.0.stable20", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.3.12", "cpe:/a:squid-cache:squid:3.0.stable6", "cpe:/a:squid-cache:squid:3.0.stable7", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.4.4", "cpe:/a:squid-cache:squid:3.1.0.6", "cpe:/a:squid-cache:squid:3.1.0.5", "cpe:/a:squid-cache:squid:3.4.8", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.0.stable8", "cpe:/a:squid-cache:squid:3.1.6", "cpe:/a:squid-cache:squid:3.0.stable25", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.0.stable15", "cpe:/a:squid-cache:squid:3.1.0.9", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.5.0.1", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.5.0.3", "cpe:/a:squid-cache:squid:3.0.stable13", "cpe:/a:squid-cache:squid:4.0.2", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.0.stable11", "cpe:/a:squid-cache:squid:3.5.0.4", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.1.0.12", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.1.0.8", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.1.9", "cpe:/a:squid-cache:squid:3.1.13", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:4.0.1", "cpe:/a:squid-cache:squid:3.5.1", "cpe:/a:squid-cache:squid:3.0.stable2", "cpe:/a:squid-cache:squid:3.1.5.1", "cpe:/a:squid-cache:squid:3.1.5"], "id": "CVE-2016-2570", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2570", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable20:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre5:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre4:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable23:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre2:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre1:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre3:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre6:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable21:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable25:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable11:rc1:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable24:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable22:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable16:rc1:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre7:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable13:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:07:38", "description": "http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-27T05:59:00", "type": "cve", "title": "CVE-2016-2571", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2571"], "modified": "2018-03-16T01:29:00", "cpe": ["cpe:/a:squid-cache:squid:3.2.0.2", "cpe:/a:squid-cache:squid:3.3.10", "cpe:/a:squid-cache:squid:3.3.2", "cpe:/a:squid-cache:squid:3.2.0.6", "cpe:/a:squid-cache:squid:3.2.7", "cpe:/a:squid-cache:squid:3.1.0.10", "cpe:/a:squid-cache:squid:3.1.0.1", "cpe:/a:squid-cache:squid:3.2.0.9", "cpe:/a:squid-cache:squid:3.4.10", "cpe:/a:squid-cache:squid:3.1.0.2", "cpe:/a:squid-cache:squid:3.3.5", "cpe:/a:squid-cache:squid:3.1.0.16", "cpe:/a:squid-cache:squid:3.1.0.15", "cpe:/a:squid-cache:squid:3.4.1", "cpe:/a:squid-cache:squid:3.0.stable22", "cpe:/a:squid-cache:squid:3.2.11", "cpe:/a:squid-cache:squid:3.3.1", "cpe:/a:squid-cache:squid:3.1.3", "cpe:/a:squid-cache:squid:3.3.6", "cpe:/a:squid-cache:squid:3.1.0.13", "cpe:/a:squid-cache:squid:3.1.4", "cpe:/a:squid-cache:squid:3.0.stable10", "cpe:/a:squid-cache:squid:3.2.3", "cpe:/a:squid-cache:squid:3.2.0.14", "cpe:/a:squid-cache:squid:3.1.0.17", "cpe:/a:squid-cache:squid:3.2.5", "cpe:/a:squid-cache:squid:3.2.0.12", "cpe:/a:squid-cache:squid:3.0.stable9", "cpe:/a:squid-cache:squid:3.0.stable21", "cpe:/a:squid-cache:squid:3.0.stable24", "cpe:/a:squid-cache:squid:3.1.0.4", "cpe:/a:squid-cache:squid:3.3.4", "cpe:/a:squid-cache:squid:3.1.10", "cpe:/a:squid-cache:squid:3.2.0.4", "cpe:/a:squid-cache:squid:3.1.0.18", "cpe:/a:squid-cache:squid:3.1.7", "cpe:/a:squid-cache:squid:3.0.stable4", "cpe:/a:squid-cache:squid:3.0.stable19", "cpe:/a:squid-cache:squid:3.5.0.2", "cpe:/a:squid-cache:squid:3.1.0.7", "cpe:/a:squid-cache:squid:3.0.stable3", "cpe:/a:squid-cache:squid:3.0.stable1", "cpe:/a:squid-cache:squid:3.2.6", "cpe:/a:squid-cache:squid:3.1", "cpe:/a:squid-cache:squid:3.3.13", "cpe:/a:squid-cache:squid:3.0", "cpe:/a:squid-cache:squid:3.1.1", "cpe:/a:squid-cache:squid:3.4.3", "cpe:/a:squid-cache:squid:3.3.8", "cpe:/a:squid-cache:squid:3.3.0.3", "cpe:/a:squid-cache:squid:3.3.3", "cpe:/a:squid-cache:squid:3.2.4", "cpe:/a:squid-cache:squid:4.0.3", "cpe:/a:squid-cache:squid:3.4.9", "cpe:/a:squid-cache:squid:3.3.0.2", "cpe:/a:squid-cache:squid:3.2.12", "cpe:/a:squid-cache:squid:3.1.15", "cpe:/a:squid-cache:squid:3.2.0.18", "cpe:/a:squid-cache:squid:3.0.stable16", "cpe:/a:squid-cache:squid:3.0.stable14", "cpe:/a:squid-cache:squid:3.3.7", "cpe:/a:squid-cache:squid:3.2.0.1", "cpe:/a:squid-cache:squid:3.1.2", "cpe:/a:squid-cache:squid:3.0.stable12", "cpe:/a:squid-cache:squid:3.1.0.3", "cpe:/a:squid-cache:squid:3.0.stable5", "cpe:/a:squid-cache:squid:3.4.11", "cpe:/a:squid-cache:squid:3.0.stable17", "cpe:/a:squid-cache:squid:3.2.0.19", "cpe:/a:squid-cache:squid:3.0.stable18", "cpe:/a:squid-cache:squid:3.1.0.11", "cpe:/a:squid-cache:squid:3.2.2", "cpe:/a:squid-cache:squid:3.1.0.14", "cpe:/a:squid-cache:squid:4.0.5", "cpe:/a:squid-cache:squid:3.2.10", "cpe:/a:squid-cache:squid:3.1.8", "cpe:/a:squid-cache:squid:4.0.6", "cpe:/a:squid-cache:squid:3.4.13", "cpe:/a:squid-cache:squid:4.0.4", "cpe:/a:squid-cache:squid:3.3.11", "cpe:/a:squid-cache:squid:3.2.0.10", "cpe:/a:squid-cache:squid:3.4.0.2", "cpe:/a:squid-cache:squid:3.4.12", "cpe:/a:squid-cache:squid:3.1.12", "cpe:/a:squid-cache:squid:3.0.stable23", "cpe:/a:squid-cache:squid:3.2.9", "cpe:/a:squid-cache:squid:3.2.0.5", "cpe:/a:squid-cache:squid:3.2.13", "cpe:/a:squid-cache:squid:3.0.stable20", "cpe:/a:squid-cache:squid:3.4.0.1", "cpe:/a:squid-cache:squid:3.3.12", "cpe:/a:squid-cache:squid:3.0.stable6", "cpe:/a:squid-cache:squid:3.0.stable7", "cpe:/a:squid-cache:squid:3.2.0.3", "cpe:/a:squid-cache:squid:3.3.9", "cpe:/a:squid-cache:squid:3.4.4", "cpe:/a:squid-cache:squid:3.1.0.6", "cpe:/a:squid-cache:squid:3.1.0.5", "cpe:/a:squid-cache:squid:3.4.8", "cpe:/a:squid-cache:squid:3.2.1", "cpe:/a:squid-cache:squid:3.0.stable8", "cpe:/a:squid-cache:squid:3.1.6", "cpe:/a:squid-cache:squid:3.0.stable25", "cpe:/a:squid-cache:squid:3.4.0.3", "cpe:/a:squid-cache:squid:3.2.8", "cpe:/a:squid-cache:squid:3.0.stable15", "cpe:/a:squid-cache:squid:3.1.0.9", "cpe:/a:squid-cache:squid:3.2.0.17", "cpe:/a:squid-cache:squid:3.5.0.1", "cpe:/a:squid-cache:squid:3.2.0.11", "cpe:/a:squid-cache:squid:3.5.0.3", "cpe:/a:squid-cache:squid:3.0.stable13", "cpe:/a:squid-cache:squid:4.0.2", "cpe:/a:squid-cache:squid:3.2.0.15", "cpe:/a:squid-cache:squid:3.0.stable11", "cpe:/a:squid-cache:squid:3.5.0.4", "cpe:/a:squid-cache:squid:3.1.11", "cpe:/a:squid-cache:squid:3.1.0.12", "cpe:/a:squid-cache:squid:3.2.0.13", "cpe:/a:squid-cache:squid:3.2.0.16", "cpe:/a:squid-cache:squid:3.2.0.7", "cpe:/a:squid-cache:squid:3.1.0.8", "cpe:/a:squid-cache:squid:3.1.14", "cpe:/a:squid-cache:squid:3.1.9", "cpe:/a:squid-cache:squid:3.1.13", "cpe:/a:squid-cache:squid:3.3.0", "cpe:/a:squid-cache:squid:3.4.2", "cpe:/a:squid-cache:squid:3.2.0.8", "cpe:/a:squid-cache:squid:4.0.1", "cpe:/a:squid-cache:squid:3.5.1", "cpe:/a:squid-cache:squid:3.0.stable2", "cpe:/a:squid-cache:squid:3.1.5.1", "cpe:/a:squid-cache:squid:3.1.5"], "id": "CVE-2016-2571", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2571", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:squid-cache:squid:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable20:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre5:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre4:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable23:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre2:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre1:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre3:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre6:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable21:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable25:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable11:rc1:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable24:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable22:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable14:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable16:rc1:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0:-:pre7:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:squid-cache:squid:3.0.stable13:*:*:*:*:*:*:*"]}], "veracode": [{"lastseen": "2022-07-27T10:26:09", "description": "squid is vulnerable to Incorrect pointer handling when processing ESI Responses can lead to denial of service.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-01T00:38:29", "type": "veracode", "title": "Incorrect Pointer Handling", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000024"], "modified": "2022-04-19T18:34:04", "id": "VERACODE:22861", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-22861/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:26:13", "description": "squid is vulnerable to denial of service (DoS). The vulnerability exists through an incorrect pointer handling issue in HTTP processing and certificate download.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-01T00:38:30", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027"], "modified": "2022-04-19T18:39:12", "id": "VERACODE:22862", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-22862/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:43:10", "description": "The vulnerability is due to improper bounds checking while processing HTTP responses. A remote, unauthenticated attacker can exploit this vulnerability by returning crafted HTTP responses to the vulnerable proxy server. Successful exploitation of the vulnerability could lead to denial-of-service conditions.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-05-19T00:00:00", "type": "checkpoint_advisories", "title": "Squid HTTP Response Processing Denial of Service (CVE-2016-3948)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3948"], "modified": "2016-05-29T00:00:00", "id": "CPAI-2016-0362", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-17T11:39:00", "description": "A denial-of-service vulnerability has been reported in Squid. The vulnerability is due to the way Squid uses a String object of a certain maximum length to store incoming headers, such as the Vary header, in HTTP responses. Long strings in headers can cause an assertion failure.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-06-13T00:00:00", "type": "checkpoint_advisories", "title": "Squid Long String Header Processing Assertion Failure (CVE-2016-2569)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2569"], "modified": "2017-05-25T00:00:00", "id": "CPAI-2016-0502", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-10-26T14:52:24", "description": "A denial of service vulnerability exists in Squid Proxy. Successful exploitation of this vulnerability would allow remote attackers to cause denial of service on the affected system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-27T00:00:00", "type": "checkpoint_advisories", "title": "Squid Proxy Denial of Service (CVE-2018-1172; CVE-2018-1000027)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000027", "CVE-2018-1172"], "modified": "2022-10-26T00:00:00", "id": "CPAI-2018-0513", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:06:30", "description": "### Background\n\nSquid is a full-featured Web proxy cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker can possibly execute arbitrary code or create a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Squid users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-proxy/squid-3.5.19\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-09T00:00:00", "type": "gentoo", "title": "Squid: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-6270", "CVE-2016-2569", "CVE-2016-2570", "CVE-2016-2571", "CVE-2016-2572", "CVE-2016-3947", "CVE-2016-3948", "CVE-2016-4051", "CVE-2016-4052", "CVE-2016-4053", "CVE-2016-4054", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4555", "CVE-2016-4556"], "modified": "2016-07-09T00:00:00", "id": "GLSA-201607-01", "href": "https://security.gentoo.org/glsa/201607-01", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:13:39", "description": "This update for squid3 fixes the following issues:\n\n - Multiple issues in pinger ICMP processing. (CVE-2014-7141,\n CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.\n (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing\n (bsc#979010)\n\n - Fix multiple Denial of Service issues in HTTP Response processing.\n (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,\n bsc#968393, bsc#968394, bsc#968395)\n - Regression caused by the DoS fixes above (bsc#993299)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing\n (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:\n * fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\n", "cvss3": {}, "published": "2016-08-16T18:08:55", "type": "suse", "title": "Security update for squid3 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-7141", "CVE-2015-5400", "CVE-2014-6270", "CVE-2012-5643", "CVE-2016-4051", "CVE-2014-0128", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2013-4115", "CVE-2016-3947", "CVE-2016-2569", "CVE-2013-0188", "CVE-2011-3205", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2011-4096", "CVE-2016-4054", "CVE-2016-2390", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572", "CVE-2014-7142"], "modified": "2016-08-16T18:08:55", "id": "SUSE-SU-2016:2089-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:09:51", "description": "This update for squid3 fixes the following issues:\n\n - Multiple issues in pinger ICMP processing. (CVE-2014-7141,\n CVE-2014-7142)\n\n - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing.\n (bsc#973782)\n\n - CVE-2016-4554: fix header smuggling issue in HTTP Request processing\n (bsc#979010)\n\n - fix multiple Denial of Service issues in HTTP Response processing.\n (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392,\n bsc#968393, bsc#968394, bsc#968395)\n\n - CVE-2016-3948: Fix denial of service in HTTP Response processing\n (bsc#973783)\n\n - CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)\n\n - CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:\n * fixes multiple issues in ESI processing (bsc#976556)\n\n - CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)\n\n - CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)\n\n - CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)\n\n - Memory leak in squid3 when using external_acl (bsc#976708)\n\n", "cvss3": {}, "published": "2016-08-09T17:12:26", "type": "suse", "title": "Security update for squid3 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-7141", "CVE-2015-5400", "CVE-2014-6270", "CVE-2012-5643", "CVE-2016-4051", "CVE-2014-0128", "CVE-2016-4555", "CVE-2016-2570", "CVE-2016-4052", "CVE-2013-4115", "CVE-2016-3947", "CVE-2016-2569", "CVE-2013-0188", "CVE-2011-3205", "CVE-2016-4553", "CVE-2016-4554", "CVE-2016-4556", "CVE-2016-2571", "CVE-2011-4096", "CVE-2016-4054", "CVE-2016-2390", "CVE-2016-4053", "CVE-2016-3948", "CVE-2016-2572", "CVE-2014-7142"], "modified": "2016-08-09T17:12:26", "id": "SUSE-SU-2016:1996-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
Squid vulnerabilities
