[USN-4059-2] Squid vulnerabilities
Several security issues were fixed in Squid.
USN-4059-1 and USN-3557-1 fixed several vulnerabilities in Squid. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
Louis Dion-Marcil discovered that Squid incorrectly handled certain
Edge Side Includes (ESI) responses. A malicious remote server could
possibly cause Squid to crash, resulting in a denial of service.
(CVE-2018-1000024)
Louis Dion-Marcil discovered that Squid incorrectly handled certain
Edge Side Includes (ESI) responses. A malicious remote server could
possibly cause Squid to crash, resulting in a denial of service.
(CVE-2018-1000027)
It was discovered that Squid incorrectly handled the cachemgr.cgi web
module. A remote attacker could possibly use this issue to conduct
cross-site scripting (XSS) attacks. (CVE-2019-13345)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/squidclient?distro=precise | < 3.1.19-1ubuntu3.12.04.9 |
pkg:deb/ubuntu/squid?distro=precise | < 3.1.19-1ubuntu3.12.04.9 |
pkg:deb/ubuntu/squid3?distro=precise | < 3.1.19-1ubuntu3.12.04.9 |
pkg:deb/ubuntu/squid3-common?distro=precise | < 3.1.19-1ubuntu3.12.04.9 |
pkg:deb/ubuntu/squid-common?distro=precise | < 3.1.19-1ubuntu3.12.04.9 |
pkg:deb/ubuntu/squid-cgi?distro=precise | < 3.1.19-1ubuntu3.12.04.9 |
- ID
- USN-4059-2
- Severity
- high
- Severity from
- CVE-2018-1000024
- URL
- https://ubuntu.com/security/notices/USN-4059-2
- Published
-
2019-07-17T13:25:19
(5 years ago) - Modified
-
2019-07-17T13:25:19
(5 years ago) - Other Advisories
-
- ALAS-2018-1081
- ALAS-2020-1386
- ALAS2-2020-1448
- ALPINE:CVE-2018-1000024
- ALPINE:CVE-2018-1000027
- ALPINE:CVE-2019-13345
- ALSA-2019:3476
- DSA-4122-1
- DSA-4507-1
- ELSA-2020-1068
- FEDORA-2018-4fabf63492
- FEDORA-2019-c1e06901bc
- FEDORA-2019-cb50bcc189
- FREEBSD:D5B6D151-1887-11E8-94F7-9C5C8E75236A
- openSUSE-SU-2019:1963-1
- openSUSE-SU-2019:2540-1
- openSUSE-SU-2019:2541-1
- RHSA-2019:3476
- RHSA-2020:1068
- RLSA-2019:3476
- SUSE-SU-2018:0636-1
- SUSE-SU-2018:0752-1
- SUSE-SU-2019:2089-1
- SUSE-SU-2019:2089-2
- SUSE-SU-2019:2092-1
- SUSE-SU-2019:2975-1
- SUSE-SU-2019:3067-1
- USN-3557-1
- USN-4059-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/squidclient?distro=precise | ubuntu | squidclient | < 3.1.19-1ubuntu3.12.04.9 | precise | ||
Affected | pkg:deb/ubuntu/squid?distro=precise | ubuntu | squid | < 3.1.19-1ubuntu3.12.04.9 | precise | ||
Affected | pkg:deb/ubuntu/squid3?distro=precise | ubuntu | squid3 | < 3.1.19-1ubuntu3.12.04.9 | precise | ||
Affected | pkg:deb/ubuntu/squid3-common?distro=precise | ubuntu | squid3-common | < 3.1.19-1ubuntu3.12.04.9 | precise | ||
Affected | pkg:deb/ubuntu/squid-common?distro=precise | ubuntu | squid-common | < 3.1.19-1ubuntu3.12.04.9 | precise | ||
Affected | pkg:deb/ubuntu/squid-cgi?distro=precise | ubuntu | squid-cgi | < 3.1.19-1ubuntu3.12.04.9 | precise |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |