logo
DATABASE RESOURCES PRICING ABOUT US

Squid vulnerabilities

Description

Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. (CVE-2019-12528) Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to access server resources prohibited by earlier security filters. (CVE-2020-8449) Guido Vranken discovered that Squid incorrectly handled certain buffer operations when acting as a reverse proxy. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-8450) Aaron Costello discovered that Squid incorrectly handled certain NTLM authentication credentials. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2020-8517)


Affected Package


OS OS Version Package Name Package Version
Ubuntu 19.10 squid 4.8-1ubuntu2.2
Ubuntu 18.04 squid 3.5.27-1ubuntu1.5
Ubuntu 18.04 squid-cgi 3.5.27-1ubuntu1.5
Ubuntu 18.04 squid-common 3.5.27-1ubuntu1.5
Ubuntu 18.04 squid-dbg 3.5.27-1ubuntu1.5
Ubuntu 18.04 squid-purge 3.5.27-1ubuntu1.5
Ubuntu 18.04 squid3 3.5.27-1ubuntu1.5
Ubuntu 18.04 squidclient 3.5.27-1ubuntu1.5
Ubuntu 16.04 squid 3.5.12-1ubuntu7.10
Ubuntu 16.04 squid-cgi 3.5.12-1ubuntu7.10
Ubuntu 16.04 squid-cgi-dbgsym 3.5.12-1ubuntu7.10
Ubuntu 16.04 squid-common 3.5.12-1ubuntu7.10
Ubuntu 16.04 squid-dbg 3.5.12-1ubuntu7.10
Ubuntu 16.04 squid-dbgsym 3.5.12-1ubuntu7.10
Ubuntu 16.04 squid-purge 3.5.12-1ubuntu7.10
Ubuntu 16.04 squid-purge-dbgsym 3.5.12-1ubuntu7.10
Ubuntu 16.04 squid3 3.5.12-1ubuntu7.10
Ubuntu 16.04 squidclient 3.5.12-1ubuntu7.10
Ubuntu 16.04 squidclient-dbgsym 3.5.12-1ubuntu7.10

Related