Vulnerability-Lookup

BDU:2023-08580

Vulnerability from fstec - Published: 24.11.2023

Title

Уязвимость прокси-сервера Squid, связанная с недостаточной проверкой исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость прокси-сервера Squid связана с недостаточной проверкой исключительных состояний. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Vendor

Novell Inc., Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», АО «ИВК», АО «НТЦ ИТ РОСА», Squid Software Foundation

Software Name

SUSE Linux Enterprise Server for SAP Applications, SUSE OpenStack Cloud, Suse Linux Enterprise Server, SUSE Linux Enterprise Module for Server Applications, SUSE OpenStack Cloud Crowbar, Debian GNU/Linux, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Server for Raspberry Pi, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, Astra Linux Special Edition (запись в едином реестре российских программ №369), Альт 8 СП (запись в едином реестре российских программ №4305), SUSE Linux Enterprise Real Time, SUSE Linux Enterprise Storage, РОСА Кобальт (запись в едином реестре российских программ №1999), Astra Linux Common Edition (запись в едином реестре российских программ №4433), Squid, SUSE Linux Enterprise Module for SAP Applications

Software Version

12 SP2 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 7 (SUSE OpenStack Cloud), 12 SP3 (Suse Linux Enterprise Server), 12 SP4 (Suse Linux Enterprise Server), 11 SP3 LTSS (Suse Linux Enterprise Server), 12 SP2-BCL (Suse Linux Enterprise Server), 12 SP2-ESPOS (Suse Linux Enterprise Server), 15 (SUSE Linux Enterprise Server for SAP Applications), 11 SP4-LTSS (Suse Linux Enterprise Server), 12 SP2-LTSS (Suse Linux Enterprise Server), 12 SP3-LTSS (Suse Linux Enterprise Server), 15 SP1 (SUSE Linux Enterprise Module for Server Applications), 8 (SUSE OpenStack Cloud), 12 SP3-BCL (Suse Linux Enterprise Server), 8 (SUSE OpenStack Cloud Crowbar), 10 (Debian GNU/Linux), 12 SP3-ESPOS (Suse Linux Enterprise Server), 12 SP2 (Suse Linux Enterprise Server), 9 (SUSE OpenStack Cloud), 9 (SUSE OpenStack Cloud Crowbar), 12 SP5 (SUSE Linux Enterprise High Performance Computing), 15-LTSS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Module for Server Applications), 11 SP3 (Suse Linux Enterprise Server), 12 SP2 (SUSE Linux Enterprise Server for Raspberry Pi), 12 SP4 LTSS (Suse Linux Enterprise Server), 12 SP4-ESPOS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 4.0 (SUSE Manager Proxy), 4.0 (SUSE Manager Retail Branch Server), 4.0 (SUSE Manager Server), 15 SP3 (SUSE Linux Enterprise Module for Server Applications), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), 15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), 4.2 (SUSE Manager Proxy), 4.2 (SUSE Manager Server), 15 SP2 (Suse Linux Enterprise Server), 4.1 (SUSE Manager Server), 4.1 (SUSE Manager Proxy), 15 SP2-ESPOS (SUSE Linux Enterprise High Performance Computing), 4.1 (SUSE Manager Retail Branch Server), - (Альт 8 СП), 15 SP2 (SUSE Linux Enterprise High Performance Computing), 15 (Suse Linux Enterprise Server), 15 SP2-BCL (Suse Linux Enterprise Server), 4.2 (SUSE Manager Retail Branch Server), 15 SP2 (SUSE Linux Enterprise Real Time), 15 (SUSE Linux Enterprise High Performance Computing), 15 SP1 (SUSE Linux Enterprise High Performance Computing), 7 (SUSE Linux Enterprise Storage), 4.7 (Astra Linux Special Edition), 6 (SUSE Linux Enterprise Storage), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3 (SUSE Linux Enterprise Real Time), 7.9 (РОСА Кобальт), 15 SP3-BCL (Suse Linux Enterprise Server), 1.6 «Смоленск» (Astra Linux Common Edition), до 6.5 (Squid), 15 (SUSE Linux Enterprise Module for SAP Applications)

Possible Mitigations

Использование рекомендаций: Для Squid: http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264 https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2023-49286 Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2023-49286.html Для ОС Astra Linux: обновить пакет squid до 5.7-2+deb12u1+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17 Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства Для Astra Linux Special Edition 4.7 для архитектуры ARM: обновить пакет squid до 5.7-2+deb12u1+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47 Для ОС РОСА "КОБАЛЬТ": https://abf.rosa.ru/advisories/ROSA-SA-2024-2479 Для ОС РОСА "КОБАЛЬТ": https://abf.rosa.ru/advisories/ROSA-SA-2024-2479 Для ОС Astra Linux: обновить пакет squid3 до 3.5.23-5+deb9u11+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16

Reference

http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264 https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27 https://security-tracker.debian.org/tracker/CVE-2023-49286 https://www.suse.com/security/cve/CVE-2023-49286.html https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17 https://altsp.su/obnovleniya-bezopasnosti/ https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47 https://abf.rosa.ru/advisories/ROSA-SA-2024-2479 https://abf.rosa.ru/advisories/ROSA-SA-2024-2479 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16

CWE

CWE-253, CWE-617, CWE-754

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, Squid Software Foundation",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "12 SP2 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 7 (SUSE OpenStack Cloud), 12 SP3 (Suse Linux Enterprise Server), 12 SP4 (Suse Linux Enterprise Server), 11 SP3 LTSS (Suse Linux Enterprise Server), 12 SP2-BCL (Suse Linux Enterprise Server), 12 SP2-ESPOS (Suse Linux Enterprise Server), 15 (SUSE Linux Enterprise Server for SAP Applications), 11 SP4-LTSS (Suse Linux Enterprise Server), 12 SP2-LTSS (Suse Linux Enterprise Server), 12 SP3-LTSS (Suse Linux Enterprise Server), 15 SP1 (SUSE Linux Enterprise Module for Server Applications), 8 (SUSE OpenStack Cloud), 12 SP3-BCL (Suse Linux Enterprise Server), 8 (SUSE OpenStack Cloud Crowbar), 10 (Debian GNU/Linux), 12 SP3-ESPOS (Suse Linux Enterprise Server), 12 SP2 (Suse Linux Enterprise Server), 9 (SUSE OpenStack Cloud), 9 (SUSE OpenStack Cloud Crowbar), 12 SP5 (SUSE Linux Enterprise High Performance Computing), 15-LTSS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Module for Server Applications), 11 SP3 (Suse Linux Enterprise Server), 12 SP2 (SUSE Linux Enterprise Server for Raspberry Pi), 12 SP4 LTSS (Suse Linux Enterprise Server), 12 SP4-ESPOS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 4.0 (SUSE Manager Proxy), 4.0 (SUSE Manager Retail Branch Server), 4.0 (SUSE Manager Server), 15 SP3 (SUSE Linux Enterprise Module for Server Applications), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), 15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), 4.2 (SUSE Manager Proxy), 4.2 (SUSE Manager Server), 15 SP2 (Suse Linux Enterprise Server), 4.1 (SUSE Manager Server), 4.1 (SUSE Manager Proxy), 15 SP2-ESPOS (SUSE Linux Enterprise High Performance Computing), 4.1 (SUSE Manager Retail Branch Server), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 15 SP2 (SUSE Linux Enterprise High Performance Computing), 15 (Suse Linux Enterprise Server), 15 SP2-BCL (Suse Linux Enterprise Server), 4.2 (SUSE Manager Retail Branch Server), 15 SP2 (SUSE Linux Enterprise Real Time), 15 (SUSE Linux Enterprise High Performance Computing), 15 SP1 (SUSE Linux Enterprise High Performance Computing), 7 (SUSE Linux Enterprise Storage), 4.7 (Astra Linux Special Edition), 6 (SUSE Linux Enterprise Storage), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3 (SUSE Linux Enterprise Real Time), 7.9 (\u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442), 15 SP3-BCL (Suse Linux Enterprise Server), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Common Edition), \u0434\u043e 6.5 (Squid), 15 (SUSE Linux Enterprise Module for SAP Applications)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Squid:\nhttp://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch\nhttps://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264\nhttps://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-49286\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2023-49286.html\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 squid \u0434\u043e 5.7-2+deb12u1+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 squid \u0434\u043e 5.7-2+deb12u1+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosa.ru/advisories/ROSA-SA-2024-2479\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosa.ru/advisories/ROSA-SA-2024-2479\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 squid3 \u0434\u043e 3.5.23-5+deb9u11+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "24.11.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.01.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.12.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-08580",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-49286",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SUSE Linux Enterprise Server for SAP Applications, SUSE OpenStack Cloud, Suse Linux Enterprise Server, SUSE Linux Enterprise Module for Server Applications, SUSE OpenStack Cloud Crowbar, Debian GNU/Linux, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Server for Raspberry Pi, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), SUSE Linux Enterprise Real Time, SUSE Linux Enterprise Storage, \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Squid, SUSE Linux Enterprise Module for SAP Applications",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4 , Novell Inc. Suse Linux Enterprise Server 12 SP3 , Novell Inc. Suse Linux Enterprise Server 12 SP4 , Novell Inc. Suse Linux Enterprise Server 11 SP3 LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP2-BCL , Novell Inc. Suse Linux Enterprise Server 12 SP2-ESPOS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 , Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP2-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-BCL , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Novell Inc. Suse Linux Enterprise Server 12 SP3-ESPOS , Novell Inc. Suse Linux Enterprise Server 12 SP2 , Novell Inc. Suse Linux Enterprise Server 15-LTSS , Novell Inc. Suse Linux Enterprise Server 11 SP3 , Novell Inc. Suse Linux Enterprise Server 12 SP4 LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS , Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL , Novell Inc. Suse Linux Enterprise Server 15 SP1 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Novell Inc. Suse Linux Enterprise Server 15 SP3 , Novell Inc. Suse Linux Enterprise Server 15 SP2 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Novell Inc. Suse Linux Enterprise Server 15 , Novell Inc. Suse Linux Enterprise Server 15 SP2-BCL , Novell Inc. SUSE Linux Enterprise Real Time 15 SP2 , Novell Inc. SUSE Linux Enterprise Storage 7 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Novell Inc. SUSE Linux Enterprise Storage 6 , Novell Inc. SUSE Linux Enterprise Real Time 15 SP3 , \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 7.9  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Squid, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u043c\u043e\u0433\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438 (CWE-253), \u0414\u043e\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f assert() (CWE-617), \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0445 \u0438\u043b\u0438 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0439 (CWE-754)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Squid \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u043e\u043a\u0430\u043c\u0438 \u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch\nhttps://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264\nhttps://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27\nhttps://security-tracker.debian.org/tracker/CVE-2023-49286\nhttps://www.suse.com/security/cve/CVE-2023-49286.html\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2479\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2479\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-253, CWE-617, CWE-754",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}

CVE-2023-49286 (GCVE-0-2023-49286)

Vulnerability from cvelistv5 – Published: 2023-12-04 22:53 – Updated: 2025-02-13 17:18

Title

Denial of Service in Helper Process management

Summary

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity ?

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-617 - Reachable Assertion
CWE-253 - Incorrect Check of Function Return Value

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	squid-cache	squid	Affected: < 6.5

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2023-08580

CVE-2023-49286 (GCVE-0-2023-49286)

Tags

Sightings

Nomenclature