CVE-2021-28116

Debian Bug report logs - #986804 CVE-2021-28116 Package: squid; Maintainer for squid is Luigi Gangitano <luigi@debianorg>; Source for squid is src:squid (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 12 Apr 2021 10:03:03 UTC Severity: important Tags: security, upstream Reply ...

Multiple security issues were discovered in the Squid proxy caching server: CVE-2021-28116 Amos Jeffries discovered an information leak if WCCPv2 is enabled CVE-2021-46784 Joshua Rogers discovered that an error in parsing Gopher server responses may result in denial of service For the oldstable distribution (buster), these problems ha ...

Due to a buffer overflow bug Squid is vulnerable to a Denial of Service attack against HTTP Digest Authentication An issue was discovered in Squid through 47 When handling requests from users, Squid checks its rules to see if the request should be denied Squid by default comes with rules to block access to the Cache Manager, which serves detaile ...

Squid through 414 and 5x through 505, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data This can be leveraged as part of a chain for remote code execution as nobody (CVE-2021-28116) An issue was discovered in Squid before 415 and 5x before 506 Due to a buffer-management bug, it a ...

Squid through 414 and 5x through 505, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data This can be leveraged as part of a chain for remote code execution as nobody ...

Squid through 414 and 5x through 505, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data This can be leveraged as part of a chain for remote code execution as nobody ...