Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2021.0499
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2021-0499)
Zusammenfassung:	The remote host is missing an update for the 'squid' package(s) announced via the MGASA-2021-0499 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'squid' package(s) announced via the MGASA-2021-0499 advisory. Vulnerability Insight: Updated squid packages fix security vulnerability: Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody (CVE-2021-28116). Squid is updated to 4.17 that fixes this issue and other bugs. Affected Software/OS: 'squid' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-28116 Debian Security Information: DSA-5171 (Google Search) https://www.debian.org/security/2022/dsa-5171 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4EPIWUZDJAXADDHVOPKRBTQHPBR6H66/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSQ3U54ZCNXR44QRPW3AV2VCS6K3TKCF/ https://security.gentoo.org/glsa/202105-14 http://www.squid-cache.org/Versions/ https://github.com/squid-cache/squid/security/advisories/GHSA-rgf3-9v3p-qp82 https://www.zerodayinitiative.com/advisories/ZDI-21-157/ http://www.openwall.com/lists/oss-security/2021/10/04/1
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.