Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Squid Proxy Cache Security Update Advisory SQUID-2020:6
Information
Severity
Severity
High
Family
Family
Denial of Service
CVSSv2 Base
CVSSv2 Base
7.8
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:N/I:N/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
3 years ago
Modified
Modified
3 years ago
Summary
Squid is prone to a denial of service vulnerability in the TLS handshake.
Insight
Insight
Due to use of a potentially dangerous function Squid and the default certificate validation helper are vulnerable to a denial of service attack when processing TLS certificates.
Affected Software
Affected Software
Squid versions 3.x - 3.5.28, 4.x - 4.11 and 5.x - 5.0.2.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 4.12, 5.0.3 or later.