CVSS: 8.6EPSS: 56%CPEs: 15EXPL: 0CVE-2016-4553 – squid: Cache poisoning issue in HTTP Request handling
https://notcve.org/view.php?id=CVE-2016-4553
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request. client_side.cc en Squid en versiones anteriores a 3.5.18 y 4.x en versiones anteriores a 4.0.10 no ignora correctamente la cabecera Host cuando se proporciona una URI absoluta, lo que permite a atacantes remotos llevar a cabo ataques de envenenamiento de caché a través de una petición HTTP. An input validation flaw was found in the way Squid handled intercepted HTTP Request messages. An attacker could use this flaw to bypass the protection against issues related to CVE-2009-0801, and perform cache poisoning attacks on Squid. • http://bugs.squid-cache.org/show_bug.cgi?id=4501 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.debian.org/security/2016/dsa-3625 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securitytracker.com/id/1035768 http://www.squid-cache.org/Advisories/SQUID-2016_7.txt http& • CWE-20: Improper Input Validation CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.5EPSS: 3%CPEs: 148EXPL: 1CVE-2016-4555 – squid: SegFault from ESIInclude::Start
https://notcve.org/view.php?id=CVE-2016-4555
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses. client_side_request.cc en Squid 3.x en versiones anteriores a 3.5.18 y 4.x en versiones anteriores a 4.0.10 permite a servidores remotos provocar una denegación de servicio (caída) a través de respuestas Edge Side Includes (ESI) manipuladas. A NULL pointer dereference flaw was found in the way Squid processes ESI responses. If Squid was used as a reverse proxy or for TLS/HTTPS interception, a malicious server could use this flaw to crash the Squid worker process. • http://bugs.squid-cache.org/show_bug.cgi?id=4455 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.debian.org/security/2016/dsa-3625 http://www.openwall.com/lists/oss-security/2016/05/06/3 http://www.openwall.com/lists/oss-security/2016/05/06/5 http://www.oracle.com/technetwork/topics/security/linu • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 148EXPL: 0CVE-2016-4556 – squid: SIGSEGV in ESIContext response handling
https://notcve.org/view.php?id=CVE-2016-4556
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response. Vulnerabilidad de liberación doble de memoria en Esi.cc en Squid 3.x en versiones anteriores a 3.5.18 y 4.x en versiones anteriores a 4.0.10 permite a servidores remotos provocar una denegación de servicio (caída) a través de una respuesta Edge Side Includes (ESI) manipulada. An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as reverse-proxy, for TLS/HTTPS interception, an attacker controlling a server accessed by Squid, could crash the squid worker, causing a Denial of Service attack. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.debian.org/security/2016/dsa-3625 http://www.openwall.com/lists/oss-security/2016/05/06/3 http://www.openwall.com/lists/oss-security/2016/05/06/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securitytracker.com/ • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 154EXPL: 0CVE-2016-4051 – squid: buffer overflow in cachemgr.cgi
https://notcve.org/view.php?id=CVE-2016-4051
Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data. Desbordamiento de buffer en cachemgr.cgi en Squid 2.x, 3.x en versiones anteriores a 3.5.17 y 4.x en versiones anteriores a 4.0.9 podría permitir a atacantes remotos provocar una denegación de servicio o ejecutar código arbitrario sembrando informes manager con datos manipulados. A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacker could possibly use this flaw to execute arbitrary code. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.debian.org/security/2016/dsa-3625 http://www.openwall.com/lists/oss-security/2016/04/20/6 http://www.openwall.com/lists/oss-security/2016/04/20/9 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/t • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 4%CPEs: 144EXPL: 0CVE-2016-4052 – squid: multiple issues in ESI processing
https://notcve.org/view.php?id=CVE-2016-4052
Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses. Múltiples desbordamientos de buffer basado en pila en Squid 3.x en versiones anteriores a 3.5.17 y 4.x en versiones anteriores a 4.0.9 permiten a servidores HTTP remotos provocar una denegación de servicio o ejecutar código arbitrario a través de respuestas Edge Side Includes (ESI) manipuladas. Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack memory, or possibly execute arbitrary code as the user running Squid. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.debian.org/security/2016/dsa-3625 http://www.openwall.com/lists/oss-security/2016/04/20/6 http://www.openwall.com/lists/oss-security/2016/04/20/9 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/t • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •