ID de Prueba:	1.3.6.1.4.1.25623.1.0.806518
Categoría:	Web Servers
Título:	Squid 'cache_peer' Security Bypass Vulnerability (SQUID-2015:2)
Resumen:	Squid is prone to an access bypass vulnerability.
Descripción:	Summary: Squid is prone to an access bypass vulnerability. Vulnerability Insight: The flaw is due to improper handling of CONNECT method peer responses when configured with cache_peer. Vulnerability Impact: Successful exploitation will allow remote attackers to bypass security in an explicit gateway proxy. Affected Software/OS: Squid version 3.5.5 and prior. Solution: Update to version 3.5.6 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5400 BugTraq ID: 75553 http://www.securityfocus.com/bid/75553 Debian Security Information: DSA-3327 (Google Search) http://www.debian.org/security/2015/dsa-3327 http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183598.html http://www.openwall.com/lists/oss-security/2015/07/06/8 http://www.openwall.com/lists/oss-security/2015/07/09/12 http://www.openwall.com/lists/oss-security/2015/07/10/2 http://www.openwall.com/lists/oss-security/2015/07/17/14 http://www.securitytracker.com/id/1032873 SuSE Security Announcement: SUSE-SU-2016:1996 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html SuSE Security Announcement: SUSE-SU-2016:2089 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html SuSE Security Announcement: openSUSE-SU-2016:2081 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.