Filtered by vendor Squid-cache
Subscribe
Search
Total
98 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13345 | 2 Debian, Squid-cache | 2 Debian Linux, Squid | 2020-07-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter. | |||||
| CVE-2019-18679 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2020-07-11 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks. | |||||
| CVE-2016-4553 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 5.0 MEDIUM | 8.6 HIGH |
| client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request. | |||||
| CVE-2016-4554 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 5.0 MEDIUM | 8.6 HIGH |
| mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue. | |||||
| CVE-2016-4555 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 5.0 MEDIUM | 7.5 HIGH |
| client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses. | |||||
| CVE-2016-4556 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 5.0 MEDIUM | 7.5 HIGH |
| Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response. | |||||
| CVE-2016-4054 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 6.8 MEDIUM | 8.1 HIGH |
| Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses. | |||||
| CVE-2016-4053 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 4.3 MEDIUM | 3.7 LOW |
| Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization. | |||||
| CVE-2016-4051 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2019-12-27 | 6.8 MEDIUM | 8.8 HIGH |
| Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data. | |||||
| CVE-2015-3455 | 3 Fedoraproject, Oracle, Squid-cache | 4 Fedora, Linux, Solaris and 1 more | 2019-12-27 | 2.6 LOW | N/A |
| Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate. | |||||
| CVE-2018-1172 | 1 Squid-cache | 1 Squid | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck(). A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Was ZDI-CAN-6088. | |||||
| CVE-2018-1000024 | 3 Canonical, Debian, Squid-cache | 3 Ubuntu Linux, Debian Linux, Squid | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later. | |||||
| CVE-2018-1000027 | 3 Canonical, Debian, Squid-cache | 3 Ubuntu Linux, Debian Linux, Squid | 2019-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later. | |||||
| CVE-2018-19131 | 1 Squid-cache | 1 Squid | 2018-12-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors. | |||||
| CVE-2013-4115 | 2 Opensuse, Squid-cache | 2 Opensuse, Squid | 2018-10-30 | 7.5 HIGH | N/A |
| Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request. | |||||
| CVE-2014-9749 | 2 Opensuse, Squid-cache | 2 Opensuse, Squid | 2018-10-30 | 4.0 MEDIUM | N/A |
| Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability." | |||||
| CVE-2014-0128 | 2 Opensuse, Squid-cache | 2 Opensuse, Squid | 2018-10-30 | 5.0 MEDIUM | N/A |
| Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. | |||||
| CVE-2013-4123 | 2 Opensuse, Squid-cache | 2 Opensuse, Squid | 2018-10-30 | 5.0 MEDIUM | N/A |
| client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header. | |||||
| CVE-2005-0211 | 2 Debian, Squid-cache | 2 Debian Linux, Squid | 2018-10-12 | 7.5 HIGH | N/A |
| Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter. | |||||
| CVE-2016-2570 | 1 Squid-cache | 1 Squid | 2018-03-16 | 5.0 MEDIUM | 7.5 HIGH |
| The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h. | |||||
| CVE-2016-2569 | 1 Squid-cache | 1 Squid | 2018-03-16 | 5.0 MEDIUM | 7.5 HIGH |
| Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header. | |||||
| CVE-2016-3948 | 1 Squid-cache | 1 Squid | 2018-03-16 | 5.0 MEDIUM | 7.5 HIGH |
| Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers. | |||||
| CVE-2016-2571 | 1 Squid-cache | 1 Squid | 2018-03-16 | 5.0 MEDIUM | 7.5 HIGH |
| http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response. | |||||
| CVE-2016-10002 | 2 Debian, Squid-cache | 2 Debian Linux, Squid | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information. | |||||
| CVE-2016-2572 | 1 Squid-cache | 1 Squid | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response. | |||||
| CVE-2015-5400 | 3 Debian, Fedoraproject, Squid-cache | 3 Debian Linux, Fedora, Squid | 2017-09-22 | 6.8 MEDIUM | N/A |
| Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request. | |||||
| CVE-2010-0308 | 1 Squid-cache | 1 Squid | 2017-09-19 | 4.0 MEDIUM | N/A |
| lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header. | |||||
| CVE-2009-2855 | 1 Squid-cache | 1 Squid | 2017-09-19 | 5.0 MEDIUM | N/A |
| The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function. | |||||
| CVE-2014-6270 | 2 Oracle, Squid-cache | 2 Solaris, Squid | 2017-09-08 | 6.8 MEDIUM | N/A |
| Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow. | |||||
| CVE-2016-10003 | 1 Squid-cache | 1 Squid | 2017-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients. | |||||
| CVE-2014-3609 | 1 Squid-cache | 1 Squid | 2017-01-07 | 5.0 MEDIUM | N/A |
| HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values." | |||||
| CVE-2016-4052 | 2 Canonical, Squid-cache | 2 Ubuntu Linux, Squid | 2016-11-30 | 6.8 MEDIUM | 8.1 HIGH |
| Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses. | |||||
| CVE-2016-3947 | 2 Canonical, Squid-cache | 2 Ubuntu Linux, Squid | 2016-11-28 | 7.5 HIGH | 8.2 HIGH |
| Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet. | |||||
| CVE-2016-2390 | 1 Squid-cache | 1 Squid | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message. | |||||
| CVE-2014-7141 | 1 Squid-cache | 1 Squid | 2016-11-28 | 6.4 MEDIUM | N/A |
| The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet. | |||||
| CVE-2014-7142 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Solaris, Squid | 2016-11-28 | 6.4 MEDIUM | N/A |
| The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size. | |||||
| CVE-2012-5643 | 1 Squid-cache | 1 Squid | 2016-11-28 | 5.0 MEDIUM | N/A |
| Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials. | |||||
| CVE-2013-0189 | 2 Canonical, Squid-cache | 2 Ubuntu Linux, Squid | 2016-11-28 | 5.0 MEDIUM | N/A |
| cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or incorrect comparison. | |||||
| CVE-2011-3205 | 1 Squid-cache | 1 Squid | 2016-11-28 | 6.8 MEDIUM | N/A |
| Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression. | |||||
| CVE-2011-4096 | 1 Squid-cache | 1 Squid | 2016-11-28 | 5.0 MEDIUM | N/A |
| The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record. | |||||
| CVE-2015-0881 | 1 Squid-cache | 1 Squid | 2015-03-04 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response. | |||||
| CVE-2013-1839 | 1 Squid-cache | 1 Squid | 2013-10-10 | 7.8 HIGH | N/A |
| The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header. | |||||
| CVE-2012-2213 | 1 Squid-cache | 1 Squid | 2012-04-30 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a vulnerable system, and the observed behavior is consistent with a squid.conf file that was (perhaps inadvertently) designed to allow access based on a "req_header Host" acl regex that matches www.uol.com.br. | |||||
| CVE-2010-3072 | 1 Squid-cache | 1 Squid | 2011-01-14 | 5.0 MEDIUM | N/A |
| The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request. | |||||
| CVE-2010-2951 | 1 Squid-cache | 1 Squid | 2010-10-13 | 5.0 MEDIUM | N/A |
| dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set. | |||||
| CVE-2010-0639 | 1 Squid-cache | 1 Squid | 2010-08-02 | 5.0 MEDIUM | N/A |
| The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port. | |||||
| CVE-2009-2622 | 1 Squid-cache | 1 Squid | 2009-08-12 | 5.0 MEDIUM | N/A |
| Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc. | |||||
| CVE-2009-2621 | 1 Squid-cache | 1 Squid | 2009-08-12 | 5.0 MEDIUM | N/A |
| Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc. | |||||