Download
| Alert*
|
oval:org.secpod.oval:def:600619
Ben Hawkes discovered that squid3, a full featured Web Proxy cache , is vulnerable to a buffer overflow when processing gopher server replies. An attacker can exploit this flaw by connecting to a gopher server that returns lines longer than 4096 bytes. This may result in denial of service conditions ... oval:org.secpod.oval:def:400320 This update of squid3 fixes a buffer overflow vulnerability in the Gopher reply parser code . oval:org.secpod.oval:def:89045186 This update for squid3 fixes the following issues: - Multiple issues in pinger ICMP processing. - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. - CVE-2016-4554: fix header smuggling issue in HTTP Request processing - Fix multiple Denial of Service issues in HTTP Response proces ... oval:org.secpod.oval:def:89045381 This update for squid3 fixes the following issues: - Multiple issues in pinger ICMP processing. - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. - CVE-2016-4554: fix header smuggling issue in HTTP Request processing - fix multiple Denial of Service issues in HTTP Response proces ... oval:org.secpod.oval:def:500241 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. A buffer overflow flaw was found in the way Squid parsed replies from remote Gopher servers. A remote user allowed to send Gopher requests to a Squid proxy could possibly use this flaw to ... oval:org.secpod.oval:def:1503252 An updated squid package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:301093 A vulnerability has been discovered and corrected in squid: Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service or possibly have un ... |
