[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

[3.4] squid: Multiple vulnerabilities (CVE-2018-1000024, CVE-2018-1000027)

ID: oval:org.secpod.oval:def:1800289Date: (C)2018-03-29   (M)2022-08-29
Class: PATCHFamily: unix




CVE-2018-1000024: Incorrect pointer handling when processing ESI Responses can lead to denial of service. Due to incorrect pointer handling, Squid versions 3.x and 4.x are vulnerable to a denial of service attack when processing ESI responses. This problem allows a remote server delivering certain ESI response syntax to trigger a denial of service for all clients accessing the Squid service. Fixed In Version: squid 3.5.27, squid 4.0.23

Platform:
Alpine Linux 3.4
Product:
squid
Reference:
8554
CVE-2018-1000024
CVE-2018-1000027
CVE    2
CVE-2018-1000024
CVE-2018-1000027
CPE    146
cpe:/a:squid-cache:squid:3.4.1
cpe:/a:squid-cache:squid:3.5.0.2
cpe:/a:squid-cache:squid:3.5.0.1
cpe:/a:squid-cache:squid:3.4.4
...

© SecPod Technologies