Download
| Alert*
oval:org.secpod.oval:def:1601720
An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e. ... oval:org.secpod.oval:def:89046118 This update for squid fixes the following issues: - CVE-2020-15810: Fixed a HTTP Request Smuggling that could have resulted in cache poisoning . - CVE-2019-12523: Disabled urn parsing and parsing of unknown schemes . - CVE-2019-18676: Disabled urn parsing and parsing of unknown schemes . oval:org.secpod.oval:def:1701367 An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e. ... oval:org.secpod.oval:def:89003360 This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multi ... oval:org.secpod.oval:def:59841 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:59842 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:2105897 Oracle Solaris 11 - ( CVE-2019-12526 ) oval:org.secpod.oval:def:89000336 This update for squid fixes the following issues: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing . - CVE ... oval:org.secpod.oval:def:1701645 An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e. ... oval:org.secpod.oval:def:89050849 This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multi ... oval:org.secpod.oval:def:117570 Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS l ... oval:org.secpod.oval:def:1802047 CVE-2019-8674 Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved state management. Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. CVE-2019-8707 Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:705566 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:117567 Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS l ... oval:org.secpod.oval:def:67060 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:63525 Multiple security issues were discovered in the Squid proxy caching server, which could result in the bypass of security filters, information disclosure, the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:1505298 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500091 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. oval:org.secpod.oval:def:68001 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid . Security Fix: * squid: Improper input validation in request allows for proxy manipulation * squid: Off-by- ... oval:org.secpod.oval:def:604842 Multiple security issues were discovered in the Squid proxy caching server, which could result in the bypass of security filters, information disclosure, the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:89000262 This update for squid3 fixes the following issues: - Fixed a Cache Poisoning and Request Smuggling attack - Fixed incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses - Fixed handling of hostname in cachemgr.cgi ... oval:org.secpod.oval:def:504724 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid . Security Fix: * squid: Improper input validation in request allows for proxy manipulation * squid: Off-by- ... |