Log

AVG-1062 edited at 07 Nov 2019 09:37:17
Severity
- Unknown
+ Medium
CVE-2019-18679 edited at 07 Nov 2019 09:37:17
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ An information disclosure issue has been found in Squid before 4.9, when processing HTTP Digest Authentication. The nonce tokens contain the raw byte value of a pointer which sits
+ within heap memory allocation, which reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
References
+ http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
+ http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patc
Notes
AVG-1062 created at 07 Nov 2019 09:34:47
Packages
+ squid
Issues
+ CVE-2019-12526
+ CVE-2019-18678
+ CVE-2019-18679
Status
+ Fixed
Severity
+ Unknown
Affected
+ 4.8-2
Fixed
+ 4.9-1
Ticket
Advisory qualified
+ Yes
References
+ http://www.squid-cache.org/Advisories/SQUID-2019_7.txt
+ http://www.squid-cache.org/Advisories/SQUID-2019_10.txt
+ http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
Notes
CVE-2019-18678 created at 07 Nov 2019 09:34:47
AVG-1062 created at 07 Nov 2019 09:34:47
Packages
+ squid
Issues
+ CVE-2019-12526
+ CVE-2019-18678
+ CVE-2019-18679
Status
+ Fixed
Severity
+ Unknown
Affected
+ 4.8-2
Fixed
+ 4.9-1
Ticket
Advisory qualified
+ Yes
References
+ http://www.squid-cache.org/Advisories/SQUID-2019_7.txt
+ http://www.squid-cache.org/Advisories/SQUID-2019_10.txt
+ http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
Notes
CVE-2019-18679 created at 07 Nov 2019 09:34:47
AVG-1062 created at 07 Nov 2019 09:34:47
Packages
+ squid
Issues
+ CVE-2019-12526
+ CVE-2019-18678
+ CVE-2019-18679
Status
+ Fixed
Severity
+ Unknown
Affected
+ 4.8-2
Fixed
+ 4.9-1
Ticket
Advisory qualified
+ Yes
References
+ http://www.squid-cache.org/Advisories/SQUID-2019_7.txt
+ http://www.squid-cache.org/Advisories/SQUID-2019_10.txt
+ http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
Notes
CVE-2019-12526 created at 07 Nov 2019 09:34:47
ASA-201911-7 edited at 04 Nov 2019 19:36:14
ASA-201911-6 edited at 04 Nov 2019 19:34:29
ASA-201911-5 edited at 04 Nov 2019 19:33:28
ASA-201911-3 edited at 04 Nov 2019 19:32:04
ASA-201911-4 edited at 04 Nov 2019 19:28:17
ASA-201911-2 edited at 04 Nov 2019 19:11:22