Vulnerabilities > Squid Cache > Squid > 3.4.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-04-07 | CVE-2016-3947 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet. | 7.5 |
2015-11-06 | CVE-2014-9749 | Permissions, Privileges, and Access Controls vulnerability in multiple products Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability." | 4.0 |
2015-09-28 | CVE-2015-5400 | Permissions, Privileges, and Access Controls vulnerability in multiple products Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request. | 6.8 |
2015-05-18 | CVE-2015-3455 | Improper Input Validation vulnerability in multiple products Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate. | 2.6 |
2014-11-26 | CVE-2014-7142 | Improper Input Validation vulnerability in multiple products The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size. | 6.4 |
2014-11-26 | CVE-2014-7141 | Data Processing Errors vulnerability in Squid-Cache Squid The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet. | 6.4 |
2014-09-12 | CVE-2014-6270 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow. | 6.8 |