Your submission was sent successfully! Close

CVE-2014-9749

Published: 06 November 2015

Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."

Priority

Low

Status

Package Release Status
squid3
Launchpad, Ubuntu, Debian
Upstream
Released (3.5.2)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(3.3.8-1ubuntu16)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)