1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-2921-1

[USN-2921-1] Squid vulnerabilities

Severity Low
Affected Packages 6
CVEs 2
Info Packages Vulnerabilities

Several security issues were fixed in Squid.

Sebastian Krahmer discovered that Squid incorrectly handled certain SNMP
requests. If SNMP is enabled, a remote attacker could use this issue to
cause Squid to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2014-6270)

Alex Rousskov discovered that Squid incorrectly handled certain malformed
responses. A remote attacker could possibly use this issue to cause Squid
to crash, resulting in a denial of service. (CVE-2016-2571)

Package Affected Version
pkg:deb/ubuntu/squidclient?distro=trusty < 3.3.8-1ubuntu6.6
pkg:deb/ubuntu/squid?distro=trusty < 3.3.8-1ubuntu6.6
pkg:deb/ubuntu/squid3?distro=trusty < 3.3.8-1ubuntu6.6
pkg:deb/ubuntu/squid3-common?distro=trusty < 3.3.8-1ubuntu6.6
pkg:deb/ubuntu/squid-purge?distro=trusty < 3.3.8-1ubuntu6.6
pkg:deb/ubuntu/squid-cgi?distro=trusty < 3.3.8-1ubuntu6.6
ID
USN-2921-1
Severity
low
URL
https://ubuntu.com/security/notices/USN-2921-1
Published
2016-03-07T12:56:15
(8 years ago)
Modified
2016-03-07T12:56:15
(8 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/squidclient?distro=trusty ubuntu squidclient < 3.3.8-1ubuntu6.6 trusty
Affected pkg:deb/ubuntu/squid?distro=trusty ubuntu squid < 3.3.8-1ubuntu6.6 trusty
Affected pkg:deb/ubuntu/squid3?distro=trusty ubuntu squid3 < 3.3.8-1ubuntu6.6 trusty
Affected pkg:deb/ubuntu/squid3-common?distro=trusty ubuntu squid3-common < 3.3.8-1ubuntu6.6 trusty
Affected pkg:deb/ubuntu/squid-purge?distro=trusty ubuntu squid-purge < 3.3.8-1ubuntu6.6 trusty
Affected pkg:deb/ubuntu/squid-cgi?distro=trusty ubuntu squid-cgi < 3.3.8-1ubuntu6.6 trusty
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date