exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2023-49285

Status Candidate

Overview

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Related Files

Ubuntu Security Notice USN-6857-1
Posted Jun 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6857-1 - Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that Squid incorrectly handled SSPI and SMB authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 16.04 LTS.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-28651, CVE-2022-41318, CVE-2023-49285, CVE-2023-49286, CVE-2023-50269
SHA-256 | 818b1f5d93b4df6bccfc5d6fc22d306b23072e7c7d370030caeb86a9084a4e70
Debian Security Advisory 5637-1
Posted Mar 8, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5637-1 - Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management.

tags | advisory, remote, web, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848, CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25111, CVE-2024-25617
SHA-256 | a79ef3e7a5505aef83c8e1d9026a34f64acecaa9ccd3e41b225ac5500d8a96e7
Ubuntu Security Notice USN-6594-1
Posted Jan 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6594-1 - Joshua Rogers discovered that Squid incorrectly handled HTTP message processing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Joshua Rogers discovered that Squid incorrectly handled Helper process management. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Joshua Rogers discovered that Squid incorrectly handled HTTP request parsing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2023-49285, CVE-2023-49286, CVE-2023-50269
SHA-256 | db3db3f46c79cee5c6cf7b45a6f9a763efc55e8e7951b7556929117aafe4bdb0
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close