ID de Prueba:	1.3.6.1.4.1.25623.1.0.142630
Categoría:	Denial of Service
Título:	Squid Security Update Advisory SQUID-2019:1
Resumen:	Squid is prone to a denial of service vulnerability due to incorrect string; termination the cachemgr.cgi which may access unallocated memory.
Descripción:	Summary: Squid is prone to a denial of service vulnerability due to incorrect string termination the cachemgr.cgi which may access unallocated memory. Vulnerability Insight: This problem allows a remote attacker with access to the Squid manager API to perform a denial of service on other clients. This problem is limited to the cachemgr CGI binary. Web servers which run per-client instances of CGI tools are affected by the issue, but the denial of service is not able to affect other clients. Affected Software/OS: Squid versions 4.x - 4.7. Solution: Update to version 4.8 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-12854 Bugtraq: 20190825 [SECURITY] [DSA 4507-1] squid security update (Google Search) https://seclists.org/bugtraq/2019/Aug/42 Debian Security Information: DSA-4507 (Google Search) https://www.debian.org/security/2019/dsa-4507 http://www.squid-cache.org/Advisories/SQUID-2019_1.txt http://www.squid-cache.org/Versions/v4/changesets/squid-4-2981a957716c61ff7e21eee1d7d6eb5a237e466d.patch https://bugs.squid-cache.org/show_bug.cgi?id=4937 SuSE Security Announcement: openSUSE-SU-2019:2540 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html SuSE Security Announcement: openSUSE-SU-2019:2541 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html https://usn.ubuntu.com/4213-1/
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.