Published: 10/05/2016 Updated: 27/12/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

mime_header.cc in Squid prior to 3.5.18 allows remote malicious users to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle linux 7
oracle linux 6
squid-cache squid
canonical ubuntu linux 14.04
canonical ubuntu linux 12.04
canonical ubuntu linux 16.04
canonical ubuntu linux 15.10

Debian Bug report logs - #823968 squid3: CVE-2016-4553 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 Package: src:squid3; Maintainer for src:squid3 is Luigi Gangitano <luigi@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 10 May 2016 20:12:01 UTC Severity: important Tags: fixed-upstream, sec ...

Several security issues were fixed in Squid ...

Several security issues have been discovered in the Squid caching proxy CVE-2016-4051: CESG and Yuriy M Kaminskiy discovered that Squid cachemgrcgi was vulnerable to a buffer overflow when processing remotely supplied inputs relayed through Squid CVE-2016-4052: CESG discovered that a buffer overflow made Squid vulnerable to a ...

A buffer overflow flaw was found in the way the Squid cachemgrcgi utility processed remotely relayed Squid input When the CGI interface utility is used, a remote attacker could possibly use this flaw to execute arbitrary code (CVE-2016-4051) Buffer overflow and input validation flaws were found in the way Squid processed ESI responses If Squid ...

An input validation flaw was found in Squid's mime_get_header_field() function, which is used to search for headers within HTTP requests An attacker could send an HTTP request from the client side with specially crafted header Host header that bypasses same-origin security protections, causing Squid operating as interception or reverse-proxy to co ...

CWE-345 http://www.squid-cache.org/Advisories/SQUID-2016_8.txt http://www.squid-cache.org/Versions/v3/3.2/changesets/SQUID-2016_8.patch http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2016_8.patch http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_8.patch http://www.squid-cache.org/Versions/v3/3.3/changesets/SQUID-2016_8.patch http://www.securitytracker.com/id/1035769 http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_8.patch http://www.ubuntu.com/usn/USN-2995-1 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html https://security.gentoo.org/glsa/201607-01 http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html http://www.debian.org/security/2016/dsa-3625 https://access.redhat.com/errata/RHSA-2016:1140 https://access.redhat.com/errata/RHSA-2016:1139 https://access.redhat.com/errata/RHSA-2016:1138 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823968 https://usn.ubuntu.com/2995-1/https://nvd.nist.gov

CVE-2016-4554

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect