exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2014-0128

Status Candidate

Overview

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management.

Related Files

Mandriva Linux Security Advisory 2015-103
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-103 - Due to incorrect state management, Squid before 3.3.12 is vulnerable to a denial of service attack when processing certain HTTPS requests if the SSL-Bump feature is enabled. Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service. Due to incorrect buffer management Squid can be caused by an attacker to write outside its allocated SNMP buffer. Due to incorrect bounds checking Squid pinger binary is vulnerable to denial of service or information leak attack when processing larger than normal ICMP or ICMPv6 packets. Due to incorrect input validation Squid pinger binary is vulnerable to denial of service or information leak attacks when processing ICMP or ICMPv6 packets.

tags | advisory, remote, web, denial of service
systems | linux, mandriva
advisories | CVE-2014-0128, CVE-2014-3609, CVE-2014-6270, CVE-2014-7141, CVE-2014-7142
SHA-256 | b3a7102719ad1db82c04532795f87002757f84b9b74f8c08a14cd808e53dcbcc
Gentoo Linux Security Advisory 201411-11
Posted Nov 28, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201411-11 - Multiple vulnerabilities have been found in Squid, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 3.3.13-r1 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0128, CVE-2014-7141, CVE-2014-7142
SHA-256 | 73ccf120cd4c0ce4a96bbcd00e0a93a9fa5bff2c7dac71efc1a6c14ead3b2cff
Mandriva Linux Security Advisory 2014-114
Posted Jun 12, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-114 - Due to incorrect state management, Squid before 3.3.12 is vulnerable to a denial of service attack when processing certain HTTPS requests if the SSL-Bump feature is enabled.

tags | advisory, web, denial of service
systems | linux, mandriva
advisories | CVE-2014-0128
SHA-256 | 225c7f2b9fa30d957c67b7a006555a1296a4018846787e04b1214490fcdaf0c7
Red Hat Security Advisory 2014-0597-01
Posted Jun 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0597-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. A denial of service flaw was found in the way Squid processed certain HTTPS requests when the SSL Bump feature was enabled. A remote attacker could send specially crafted requests that could cause Squid to crash.

tags | advisory, remote, web, denial of service
systems | linux, redhat
advisories | CVE-2014-0128
SHA-256 | a93d86f1f5060ac79e0f3de5c45e337415845e6a955bd0933312513c4fbafde0
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close