Test Kennung:	1.3.6.1.4.1.25623.1.0.107294
Kategorie:	Denial of Service
Titel:	Squid Security Update Advisory (SQUID-2018:1)
Zusammenfassung:	Squid is vulnerable to denial of service attack when; processing ESI responses.
Beschreibung:	Summary: Squid is vulnerable to denial of service attack when processing ESI responses. Vulnerability Insight: Due to unrelated changes Squid-3.5 has become vulnerable to some regular ESI server responses also triggering this issue. This problem is limited to the Squid custom ESI parser. Vulnerability Impact: This problem allows a remote server delivering certain ESI response syntax to trigger a denial of service for all clients accessing the Squid service. Affected Software/OS: Squid versions 3.x through 3.5.27, 4.x through 4.0.22 with specific deployment variants described in the referenced Advisory. Solution: Update to version 4.0.23 or later. Patches are available, please see the references for details. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1000024 Debian Security Information: DSA-4122 (Google Search) https://www.debian.org/security/2018/dsa-4122 http://www.squid-cache.org/Versions/ https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html https://usn.ubuntu.com/3557-1/ https://usn.ubuntu.com/4059-2/
Copyright	Copyright (C) 2018 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.