CVSS: 8.1EPSS: 21%CPEs: 146EXPL: 0CVE-2016-4054 – squid: multiple issues in ESI processing
https://notcve.org/view.php?id=CVE-2016-4054
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses. Desbordamiento de buffer en Squid 3.x en versiones anteriores a 3.5.17 y 4.x en versiones anteriores a 4.0.9 permite a atacantes remotos ejecutar código arbitrario a través de respuestas Edge Side Includes (ESI) manipuladas. Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack memory, or possibly execute arbitrary code as the user running Squid. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.debian.org/security/2016/dsa-3625 http://www.openwall.com/lists/oss-security/2016/04/20/6 http://www.openwall.com/lists/oss-security/2016/04/20/9 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securityfocus.com/bi • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 71%CPEs: 3EXPL: 0CVE-2016-2390
https://notcve.org/view.php?id=CVE-2016-2390
The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message. El método FwdState::connectedToPeer en FwdState.cc en Squid en versiones anteriores a 3.5.14 y 4.0.x en versiones anteriores a 4.0.6 no maneja correctamente los errores de apretones de manos SSL cuando se construye con la opción --with-openssl, lo que permite a atacantes remotos causar una denegación de servicio (caída de aplicación) a través de un mensaje HTTP en texto plano. • http://bugs.squid-cache.org/show_bug.cgi?id=4437 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.squid-cache.org/pipermail/squid-announce/2016-February/000037.html http://lists.squid-cache.org/pipermail/squid-announce/2016-February/000038.html http://www.securitytracker.com/id/1035045 http://www.squid-cache.org/Advisories/SQUID-2016_1.txt • CWE-20: Improper Input Validation •
CVSS: 8.2EPSS: 1%CPEs: 12EXPL: 0CVE-2016-3947
https://notcve.org/view.php?id=CVE-2016-3947
Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet. Desbordamiento de buffer basado en memoria dinámica en la función Icmp6::Recv en icmp/Icmp6.cc en la utilidad pinger en Squid en versiones anteriores a 3.5.16 y 4.x en versiones anteriores a 4.0.8 permite a servidores remotos provocar una denegación de servicio (degradación de rendimiento o fallos de transición) o escribir información sensible en archivos de registro a través de un paquete ICMPv6. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.securitytracker.com/id/1035457 http://www.squid-cache.org/Advisories/SQUID-2016_3.txt http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10495.patch http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11839.patch http://www.sq • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 158EXPL: 0CVE-2016-3948 – squid: denial of service issue in HTTP response processing
https://notcve.org/view.php?id=CVE-2016-3948
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers. Squid 3.x en versiones anteriores a 3.5.16 y 4.x en versiones anteriores a 4.0.8 no realiza adecuadamente la comprobación de límites, lo que permite a atacantes remotos provocar una denegación de servicio a través de una respuesta HTTP manipulada, relacionada con cabeceras Vary. An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://rhn.redhat.com/errata/RHSA-2016-2600.html http://www.securitytracker.com/id/1035458 http://www.squid-cache.org/Advisories/SQUID-2016_4.txt http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14016.patch https://security.gentoo.org/glsa/201607-01 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 95%CPEs: 143EXPL: 1CVE-2016-2569 – squid: some code paths fail to check bounds in string object
https://notcve.org/view.php?id=CVE-2016-2569
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header. Squid 3.x en versiones anteriores a 3.5.15 y 4.x en versiones anteriores a 4.0.7 no añade datos a objetos String adecuadamente, lo que permite a servidores remotos provocar una denegación de servicio (error de aserción y salida de demonio) a través de una cadena larga, según lo demostrado por una cabecera HTTP Vary manipulada. Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. • https://github.com/amit-raut/CVE-2016-2569 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://rhn.redhat.com/errata/RHSA-2016-2600.html http://www.openwall.com/lists/oss-security/2016/02/26/2 http://www.securitytracker.com/id/1035101 http://www.squid-cache.org/Advisories/SQUID-2016_2.txt http://www.squi • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •