rpm package
suse/squid&distro=SUSE Linux Enterprise Server 11 SP3
pkg:rpm/suse/squid&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-9749 | — | < 2.7.STABLE5-2.12.24.2 | 2.7.STABLE5-2.12.24.2 | Nov 6, 2015 | Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability." | ||
| CVE-2014-6270 | — | < 2.7.STABLE5-2.12.24.2 | 2.7.STABLE5-2.12.24.2 | Sep 12, 2014 | Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer |
- CVE-2014-9749Nov 6, 2015affected < 2.7.STABLE5-2.12.24.2fixed 2.7.STABLE5-2.12.24.2
Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
- CVE-2014-6270Sep 12, 2014affected < 2.7.STABLE5-2.12.24.2fixed 2.7.STABLE5-2.12.24.2
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer