How Does This Vulnerability Affect My Linux Systems?

These severe bugs could result in the compromise and theft of your sensitive data and loss of access to your critical systems. CVE-2023-46846 and CVE-2023-46847 have received a National Vulnerability Database base score of 9.8 out of 10 due to their potential to lead to security breaches or other forms of system instability or unavailability.

What Can I Do To Stay Safe?

Squid has released a critical security update mitigating these dangerous and impactful flaws. Given these vulnerabilities’ severe threat to affected systems, if left unpatched, we urge all affected users to apply the updates released by Mageia, Oracle, SciLinux, and SUSE now. Doing so will protect against downtime, system compromise, and data theft. To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).

Discover LinuxSecurity Features

Critical Squid Vulnerabilities Threaten Sensitive Data and System Availability

Brittany Day

1 - 2 min read Nov 13, 2023

Security professionals have discovered various cybersecurity vulnerabilities in the popular Squid caching proxy. These network security issues include request and response smuggling in HTTP/1.1 and ICAP (CVE-2023-46846), Distributed Denial of Service (DDoS) in HTTP Digest Authentication (CVE-2023-46847), and DDoS in FTP (CVE-2023-46848).

Let's review these vulnerabilities and how to boost data and network security to combat these risks.

How Can These Cybersecurity Vulnerabilities Affect My Linux Systems?

These bugs can compromise sensitive data, crash servers, and harm your company's reputation. CVE-2023-46846 and CVE-2023-46847 have a National Vulnerability Database base score of 9.8 out of 10 since they can lead to cloud security breaches and other system access instabilities and blockings.

What Should I Do to Protect My Linux Systems?

Squid Squid plans to mitigate these dangerous cybersecurity vulnerabilities with recent critical updates that should reduce the threat landscape for users. Systems that face attacks in network security must go through immediate privacy sandboxing and security patching to prevent new issues from arising on a server. Apply Mageia, Oracle, SciLinux, and SUSE cybersecurity solutions to combat significant downtime, system compromise, and data theft.

Stay on top of the latest cybersecurity trends, computer security news, and general updates by registering under our open-source cybersecurity projects and applications. If you are a LinuxSecurity user, subscribe to our Linux Advisory Watch security newsletter and customize your advisories based on your distro(s). Having these updates will keep you from falling behind on security patching and other network security issues that could make your system more susceptible to attacks in the future. Also, follow @LS_Advisories on Twitter for real-time updates.