Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2014-0128
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 5/10
- Exploit Score
- 10/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- Partial
- Integrity Impact
- None
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.18:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.13:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.14:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.4.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.4.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.14:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.4.0.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.15:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.15:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.13:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.4.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.16:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.4.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.5.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.9:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.3.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.1.0.17:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.4.0.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- http://lists.opensuse.org/opensuse-updates/2014-04/msg00030.html
- http://secunia.com/advisories/57288
- http://secunia.com/advisories/57889
- http://www.squid-cache.org/Advisories/SQUID-2014_1.txt
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
- http://www.securityfocus.com/bid/66112
- http://lists.opensuse.org/opensuse-updates/2014-04/msg00060.html