 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2016.0171 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2016-0171) |
| Zusammenfassung: | The remote host is missing an update for the 'squid' package(s) announced via the MGASA-2016-0171 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'squid' package(s) announced via the MGASA-2016-0171 advisory. Vulnerability Insight: Due to incorrect data validation of intercepted HTTP Request messages Squid is vulnerable to clients bypassing the protection against CVE-2009-0801 related issues. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source (CVE-2016-4553). Due to incorrect input validation Squid is vulnerable to a header smuggling attack leading to cache poisoning and to bypass of same-origin security policy in Squid and some client browsers (CVE-2016-4554). Affected Software/OS: 'squid' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-4553 Debian Security Information: DSA-3625 (Google Search) http://www.debian.org/security/2016/dsa-3625 https://security.gentoo.org/glsa/201607-01 RedHat Security Advisories: RHSA-2016:1139 https://access.redhat.com/errata/RHSA-2016:1139 RedHat Security Advisories: RHSA-2016:1140 https://access.redhat.com/errata/RHSA-2016:1140 http://www.securitytracker.com/id/1035768 SuSE Security Announcement: SUSE-SU-2016:1996 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html SuSE Security Announcement: SUSE-SU-2016:2089 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html SuSE Security Announcement: openSUSE-SU-2016:2081 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.ubuntu.com/usn/USN-2995-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-4554 RedHat Security Advisories: RHSA-2016:1138 https://access.redhat.com/errata/RHSA-2016:1138 http://www.securitytracker.com/id/1035769 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |