Scientific Linux Security Update : squid34 on SL6.x i386/x86_64
Medium Nessus Plugin ID 96759
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)
SolutionUpdate the affected squid34 and / or squid34-debuginfo packages.