1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-2327-1

[USN-2327-1] Squid 3 vulnerability

Severity Medium
Affected Packages 6
CVEs 1
Info Packages Vulnerabilities

Squid could be made to crash if it received specially crafted network traffic.

Matthew Daley discovered that Squid 3 did not properly perform input
validation in request parsing. A remote attacker could send crafted Range
requests to cause a denial of service.

Package Affected Version
pkg:deb/ubuntu/squidclient?distro=trusty < 3.3.8-1ubuntu6.1
pkg:deb/ubuntu/squid?distro=trusty < 3.3.8-1ubuntu6.1
pkg:deb/ubuntu/squid3?distro=trusty < 3.3.8-1ubuntu6.1
pkg:deb/ubuntu/squid3-common?distro=trusty < 3.3.8-1ubuntu6.1
pkg:deb/ubuntu/squid-purge?distro=trusty < 3.3.8-1ubuntu6.1
pkg:deb/ubuntu/squid-cgi?distro=trusty < 3.3.8-1ubuntu6.1
ID
USN-2327-1
Severity
medium
URL
https://ubuntu.com/security/notices/USN-2327-1
Published
2014-08-28T03:31:45
(10 years ago)
Modified
2014-08-28T03:31:45
(10 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/squidclient?distro=trusty ubuntu squidclient < 3.3.8-1ubuntu6.1 trusty
Affected pkg:deb/ubuntu/squid?distro=trusty ubuntu squid < 3.3.8-1ubuntu6.1 trusty
Affected pkg:deb/ubuntu/squid3?distro=trusty ubuntu squid3 < 3.3.8-1ubuntu6.1 trusty
Affected pkg:deb/ubuntu/squid3-common?distro=trusty ubuntu squid3-common < 3.3.8-1ubuntu6.1 trusty
Affected pkg:deb/ubuntu/squid-purge?distro=trusty ubuntu squid-purge < 3.3.8-1ubuntu6.1 trusty
Affected pkg:deb/ubuntu/squid-cgi?distro=trusty ubuntu squid-cgi < 3.3.8-1ubuntu6.1 trusty
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date