← volver
CVE-2019-12854

CVE-2019-12854

EPSS 11.7%
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.htmlhttps://bugs.squid-cache.org/show_bug.cgi?id=4937https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPXN2CLAGN5QSQBTOV5IGVLDOQSRFNTZ/https://seclists.org/bugtraq/2019/Aug/42https://usn.ubuntu.com/4213-1/https://www.debian.org/security/2019/dsa-4507http://www.squid-cache.org/Advisories/SQUID-2019_1.txthttp://www.squid-cache.org/Versions/v4/changesets/squid-4-2981a957716c61ff7e21eee1d7d6eb5a237e466d.patch