Download
| Alert*
|
oval:org.secpod.oval:def:604508
Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and pot ... oval:org.secpod.oval:def:57565 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:705078 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:2105109 An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token"s value starts with a quote and ends wit ... oval:org.secpod.oval:def:69744 Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and pot ... oval:org.secpod.oval:def:116966 Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS l ... oval:org.secpod.oval:def:57786 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:89050849 This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multi ... oval:org.secpod.oval:def:1802047 CVE-2019-8674 Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved state management. Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. CVE-2019-8707 Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:89003331 This update for squid fixes the following issues: Security issue fixed: - CVE-2019-12529: Fixed a potential denial of service associated with HTTP Basic Authentication credentials . - CVE-2019-12525: Fixed a denial of service during processing of HTTP Digest Authentication credentials . - CVE-2019-1 ... oval:org.secpod.oval:def:1701886 Due to a buffer overflow bug Squid is vulnerable to a Denial of Service attack against HTTP Digest AuthenticationAn issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block ... oval:org.secpod.oval:def:2500091 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. oval:org.secpod.oval:def:68001 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid . Security Fix: * squid: Improper input validation in request allows for proxy manipulation * squid: Off-by- ... oval:org.secpod.oval:def:1505298 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000262 This update for squid3 fixes the following issues: - Fixed a Cache Poisoning and Request Smuggling attack - Fixed incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses - Fixed handling of hostname in cachemgr.cgi ... oval:org.secpod.oval:def:504724 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid . Security Fix: * squid: Improper input validation in request allows for proxy manipulation * squid: Off-by- ... |
