Описание
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| squid | fixed | 4.10-1 | package | |
| squid3 | removed | package |
Примечания
http://www.squid-cache.org/Advisories/SQUID-2020_2.txt
Squid 3: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8cdb18ca1829a0b7faa1c9e472604ed0e7e105ac.patch
Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-c1bebac9c1135b7add6589db35c62f16db195b8f.patch
EPSS
Связанные уязвимости
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
Уязвимость прокси-сервера Squid, связанная с выходом операции за границы буфера в памяти, позволяюшая нарушителю получить доступ к защищаемой информации
EPSS