Buffer overflow

2023-11-0308:15:00

PRIOn knowledge base

www.prio-n.com

squid

vulnerability

buffer overflow

denial of service

http digest authentication

7.6 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

JSON

Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.

CPENameOperatorVersion
enterprise_linuxeq8.0
enterprise_linuxeq9.0
enterprise_linux_euseq8.6
enterprise_linux_euseq9.0
enterprise_linux_euseq8.8
enterprise_linux_euseq9.2
enterprise_linux_for_arm_64eq8.0.0-aarch64
enterprise_linux_for_ibm_z_systemseq8.0.0-s390-x
enterprise_linux_for_power_little_endianeq8.0.0-ppc64-le
enterprise_linux_servereq7.0

Name	Operator	Version
enterprise_linux	eq	8.0
enterprise_linux	eq	9.0
enterprise_linux_eus	eq	8.6
enterprise_linux_eus	eq	9.0
enterprise_linux_eus	eq	8.8
enterprise_linux_eus	eq	9.2
enterprise_linux_for_arm_64	eq	8.0.0-aarch64
enterprise_linux_for_ibm_z_systems	eq	8.0.0-s390-x
enterprise_linux_for_power_little_endian	eq	8.0.0-ppc64-le
enterprise_linux_server	eq	7.0