Lucene search
Ubuntu.comUB:CVE-2014-0128HistoryApr 14, 2014 - 12:00 a.m.
CVE-2014-0128
2014-04-1400:00:00
ubuntu.com
ubuntu.com
13
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.156 Low
EPSS
Percentile
95.8%
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled,
allows remote attackers to cause a denial of service (assertion failure)
via a crafted range request, related to state management.
Bugs
Notes
| Author | Note |
|---|---|
| seth-arnold | Flaw requires building the package with --enable-ssl; this flag is not used in Debian nor Ubuntu’s builds. |
| mdeslaur | However, we should probably fix this anyway as rebuilding the Ubuntu package locally to enable ssl is a common scenario. |
Related
openvas
openvas
Oracle Linux Local Check: ELSA-2014-0597
2015-10-06 00:00:00
Fedora Update for squid FEDORA-2014-3915
2014-04-03 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-360)
2015-09-08 00:00:00
nessus
nessus
RHEL 6 : squid (RHSA-2014:0597)
2014-06-04 00:00:00
Mandriva Linux Security Advisory : squid (MDVSA-2014:114)
2014-06-11 00:00:00
Fedora 19 : squid-3.3.12-1.fc19 (2014-4800)
2014-04-16 00:00:00
debiancve
debiancve
CVE-2014-0128
2014-04-14 15:09:00
seebug
seebug
Squid SSL-Bump HTTPS请求处理拒绝服务漏洞
2014-03-13 00:00:00
oraclelinux
oraclelinux
squid security update
2014-06-03 00:00:00
cve
cve
CVE-2014-0128
2014-04-14 15:09:00
centos
centos
squid security update
2014-06-04 10:04:04
prion
prion
Server side request forgery (ssrf)
2014-04-14 15:09:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:42
redhat
redhat
(RHSA-2014:0597) Moderate: squid security update
2014-06-03 00:00:00
securityvulns
securityvulns
squid DoS
2014-06-14 00:00:00
[ MDVSA-2014:114 ] squid
2014-06-14 00:00:00
mageia
mageia
Updated squid packages fix CVE-2014-0128
2014-04-09 09:36:34
Updated squid package fixes CVE-2014-0128
2014-04-24 23:04:48
amazon
amazon
Medium: squid
2014-06-15 16:22:00
Important: squid
2014-10-22 20:04:00
fedora
fedora
[SECURITY] Fedora 20 Update: squid-3.3.12-1.fc20
2014-04-02 09:19:07
[SECURITY] Fedora 19 Update: squid-3.3.12-1.fc19
2014-04-15 15:38:43
gentoo
gentoo
Squid: Multiple vulnerabilities
2014-11-27 00:00:00
suse
suse
Security update for squid3 (important)
2016-08-09 17:12:26
Security update for squid3 (important)
2016-08-16 18:08:55
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.156 Low
EPSS
Percentile
95.8%
Related for UB:CVE-2014-0128