Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2019-0382)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2019.0382

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2019-0382)

Resumen: The remote host is missing an update for the 'squid' package(s) announced via the MGASA-2019-0382 advisory.

Descripción: Summary:
The remote host is missing an update for the 'squid' package(s) announced via the MGASA-2019-0382 advisory.

Vulnerability Insight:
Potential remote code execution during URN processing (CVE-2019-12526).

Multiple improper validations in URI processing (CVE-2019-12523,
CVE-2019-18676).

Cross-Site Request Forgery in HTTP Request processing (CVE-2019-18677).

Incorrect message parsing which could have led to HTTP request splitting
issue (CVE-2019-18678).

Information disclosure when processing HTTP Digest Authentication
(CVE-2019-18679).

Affected Software/OS:
'squid' package(s) on Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-12523
Debian Security Information: DSA-4682 (Google Search)
https://www.debian.org/security/2020/dsa-4682
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/
https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html
https://usn.ubuntu.com/4213-1/
https://usn.ubuntu.com/4446-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-12526
https://security.gentoo.org/glsa/202003-34
https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-18676
https://github.com/squid-cache/squid/pull/275
Common Vulnerability Exposure (CVE) ID: CVE-2019-18677
https://github.com/squid-cache/squid/pull/427
Common Vulnerability Exposure (CVE) ID: CVE-2019-18678
https://github.com/squid-cache/squid/pull/445
Common Vulnerability Exposure (CVE) ID: CVE-2019-18679
https://github.com/squid-cache/squid/pull/491

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0382
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0382)
Resumen:	The remote host is missing an update for the 'squid' package(s) announced via the MGASA-2019-0382 advisory.
Descripción:	Summary: The remote host is missing an update for the 'squid' package(s) announced via the MGASA-2019-0382 advisory. Vulnerability Insight: Potential remote code execution during URN processing (CVE-2019-12526). Multiple improper validations in URI processing (CVE-2019-12523, CVE-2019-18676). Cross-Site Request Forgery in HTTP Request processing (CVE-2019-18677). Incorrect message parsing which could have led to HTTP request splitting issue (CVE-2019-18678). Information disclosure when processing HTTP Digest Authentication (CVE-2019-18679). Affected Software/OS: 'squid' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-12523 Debian Security Information: DSA-4682 (Google Search) https://www.debian.org/security/2020/dsa-4682 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/ https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html https://usn.ubuntu.com/4213-1/ https://usn.ubuntu.com/4446-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-12526 https://security.gentoo.org/glsa/202003-34 https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2019-18676 https://github.com/squid-cache/squid/pull/275 Common Vulnerability Exposure (CVE) ID: CVE-2019-18677 https://github.com/squid-cache/squid/pull/427 Common Vulnerability Exposure (CVE) ID: CVE-2019-18678 https://github.com/squid-cache/squid/pull/445 Common Vulnerability Exposure (CVE) ID: CVE-2019-18679 https://github.com/squid-cache/squid/pull/491
Copyright	Copyright (C) 2022 Greenbone AG