Описание
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | released | 4.9-2ubuntu1 |
| disco | released | 4.4-1ubuntu2.3 |
| eoan | released | 4.8-1ubuntu2.1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | not-affected | 4.9-2ubuntu1 |
| focal | released | 4.9-2ubuntu1 |
| groovy | released | 4.9-2ubuntu1 |
| hirsute | released | 4.9-2ubuntu1 |
| precise/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 3.5.27-1ubuntu1.4 |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 3.5.27-1ubuntu1.4 |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | 3.5.12-1ubuntu7.9 |
| focal | DNE | |
| groovy | DNE |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to ...
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
Уязвимость механизма HTTP дайджест-аутентификации прокси-сервера Squid, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
5 Medium
CVSS2
7.5 High
CVSS3