Download
| Alert*
|
oval:org.secpod.oval:def:2501014
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. oval:org.secpod.oval:def:503323 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * squid: heap-based buffer overflow in HttpHeader::getAuth For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related ... oval:org.secpod.oval:def:58220 An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user contro ... oval:org.secpod.oval:def:1502650 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:58219 An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user contro ... oval:org.secpod.oval:def:116966 Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS l ... oval:org.secpod.oval:def:705078 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:89050849 This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multi ... oval:org.secpod.oval:def:2105109 An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token"s value starts with a quote and ends wit ... oval:org.secpod.oval:def:604508 Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and pot ... oval:org.secpod.oval:def:69744 Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and pot ... |
