ALT-PU-2023-6866-1
Closed vulnerabilities
BDU:2022-04051
Уязвимость реализации сетевого протокола Gopher прокси-сервера Squid, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-00066
Уязвимость кэширующего прокси-сервера Squid, связанная с неправильным контролем доступа, позволяющая нарушителю получить доступ к конфиденциальной информации
BDU:2023-01309
Уязвимость интерфейса Security Support Provider Interface (SSPI) и реализации сетевого протокола Server Message Block (SMB) прокси-сервера Squid, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-46784
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
- [oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.
- [oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.
- [oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.
- [oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.
- [oss-security] 20231021 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.
- [oss-security] 20231021 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.
- http://www.squid-cache.org/Versions/v4/changesets/SQUID-2021_7.patch
- http://www.squid-cache.org/Versions/v4/changesets/SQUID-2021_7.patch
- http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch
- http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch
- https://github.com/squid-cache/squid/commit/5e2ea2b13bd98f53e29964ca26bb0d602a8a12b9
- https://github.com/squid-cache/squid/commit/5e2ea2b13bd98f53e29964ca26bb0d602a8a12b9
- https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w
- https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w
- https://security.netapp.com/advisory/ntap-20221223-0007/
- https://security.netapp.com/advisory/ntap-20221223-0007/
- https://security-tracker.debian.org/tracker/CVE-2021-46784
- https://security-tracker.debian.org/tracker/CVE-2021-46784
Modified: 2024-11-21
CVE-2022-41317
An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixed in 5.7.
- http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_1.patch
- http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_1.patch
- http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_1.patch
- http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_1.patch
- https://github.com/squid-cache/squid/security/advisories/GHSA-rcg9-7fqm-83mq
- https://github.com/squid-cache/squid/security/advisories/GHSA-rcg9-7fqm-83mq
- https://www.openwall.com/lists/oss-security/2022/09/23/1
- https://www.openwall.com/lists/oss-security/2022/09/23/1
Modified: 2024-11-21
CVE-2022-41318
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
- http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch
- http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch
- http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch
- http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch
- https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78
- https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78
- https://www.openwall.com/lists/oss-security/2022/09/23/2
- https://www.openwall.com/lists/oss-security/2022/09/23/2
Closed bugs
Невозможно получить доступ к cache manager из под squidclient