1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-2422-1

[USN-2422-1] Squid vulnerabilities

Severity Low
Affected Packages 6
CVEs 2
Info Packages Vulnerabilities

Squid could be made to crash if it received specially crafted network traffic.

Sebastian Krahmer discovered that the Squid pinger incorrectly handled
certain malformed ICMP packets. A remote attacker could possibly use this
issue to cause Squid to crash, resulting in a denial of service.

Package Affected Version
pkg:deb/ubuntu/squidclient?distro=trusty < 3.3.8-1ubuntu6.2
pkg:deb/ubuntu/squid?distro=trusty < 3.3.8-1ubuntu6.2
pkg:deb/ubuntu/squid3?distro=trusty < 3.3.8-1ubuntu6.2
pkg:deb/ubuntu/squid3-common?distro=trusty < 3.3.8-1ubuntu6.2
pkg:deb/ubuntu/squid-purge?distro=trusty < 3.3.8-1ubuntu6.2
pkg:deb/ubuntu/squid-cgi?distro=trusty < 3.3.8-1ubuntu6.2
ID
USN-2422-1
Severity
low
URL
https://ubuntu.com/security/notices/USN-2422-1
Published
2014-11-25T17:24:16
(9 years ago)
Modified
2014-11-25T17:24:16
(9 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/squidclient?distro=trusty ubuntu squidclient < 3.3.8-1ubuntu6.2 trusty
Affected pkg:deb/ubuntu/squid?distro=trusty ubuntu squid < 3.3.8-1ubuntu6.2 trusty
Affected pkg:deb/ubuntu/squid3?distro=trusty ubuntu squid3 < 3.3.8-1ubuntu6.2 trusty
Affected pkg:deb/ubuntu/squid3-common?distro=trusty ubuntu squid3-common < 3.3.8-1ubuntu6.2 trusty
Affected pkg:deb/ubuntu/squid-purge?distro=trusty ubuntu squid-purge < 3.3.8-1ubuntu6.2 trusty
Affected pkg:deb/ubuntu/squid-cgi?distro=trusty ubuntu squid-cgi < 3.3.8-1ubuntu6.2 trusty
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date