CVE-2016-4555

Severity

Theme

CVE-2016-4555

high

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.

ID	Name	Product	Family	Severity
119723	Squid 3.x < 3.5.18 / 4.x < 4.0.10 Multiple Denial of Service Vulnerabilities (SQUID-2016:9)	Nessus	Firewalls	high
99788	EulerOS 2.0 SP1 : squid (EulerOS-SA-2016-1025)	Nessus	Huawei Local Security Checks	high
9776	Squid 3.5.x < 3.5.18 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	medium
93294	SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:2089-1)	Nessus	SuSE Local Security Checks	high
93279	SUSE SLES12 Security Update : squid (SUSE-SU-2016:2008-1)	Nessus	SuSE Local Security Checks	high
93271	SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:1996-1)	Nessus	SuSE Local Security Checks	high
92994	openSUSE Security Update : squid (openSUSE-2016-988)	Nessus	SuSE Local Security Checks	high
92525	Debian DSA-3625-1 : squid3 - security update	Nessus	Debian Local Security Checks	high
92285	Fedora 23 : 7:squid (2016-b3b9407940)	Nessus	Fedora Local Security Checks	high
92268	Fedora 24 : 7:squid (2016-95edf19d8a)	Nessus	Fedora Local Security Checks	high
91982	GLSA-201607-01 : Squid: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
91645	Scientific Linux Security Update : squid34 on SL6.x i386/x86_64 (20160531)	Nessus	Scientific Linux Local Security Checks	high
91558	Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : squid3 vulnerabilities (USN-2995-1)	Nessus	Ubuntu Local Security Checks	high
91513	Scientific Linux Security Update : squid on SL7.x x86_64 (20160531)	Nessus	Scientific Linux Local Security Checks	high
91417	Oracle Linux 6 : squid34 (ELSA-2016-1140)	Nessus	Oracle Linux Local Security Checks	high
91416	Oracle Linux 7 : squid (ELSA-2016-1139)	Nessus	Oracle Linux Local Security Checks	high
91393	CentOS 6 : squid34 (CESA-2016:1140)	Nessus	CentOS Local Security Checks	high
91392	CentOS 7 : squid (CESA-2016:1139)	Nessus	CentOS Local Security Checks	high
91383	RHEL 6 : squid34 (RHSA-2016:1140)	Nessus	Red Hat Local Security Checks	high
91382	RHEL 7 : squid (RHSA-2016:1139)	Nessus	Red Hat Local Security Checks	high
91173	Debian DLA-478-1 : squid3 security update	Nessus	Debian Local Security Checks	high
90980	FreeBSD : squid -- multiple vulnerabilities (25e5205b-1447-11e6-9ead-6805ca0b3d42)	Nessus	FreeBSD Local Security Checks	high

CVE-2016-4555

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Tenable Plugins

high

high

medium

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high