QwikSec

Security Database

CVE

CWE

Training

CVE-2019-12854

Published: Aug 15, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.squid-cache.org/Advisories/SQUID-2019_1.txt

x_refsource_MISC

https://bugs.squid-cache.org/show_bug.cgi?id=4937

x_refsource_MISC

http://www.squid-cache.org/Versions/v4/changesets/squid-4-2981a957716c61ff7e21eee1d7d6eb5a237e466d.patch

x_refsource_MISC

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPXN2CLAGN5QSQBTOV5IGVLDOQSRFNTZ/

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

20190825 [SECURITY] [DSA 4507-1] squid security update

mailing-list

x_refsource_BUGTRAQ

openSUSE-SU-2019:2540

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:2541

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.