CVE-2016-2390 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-2390 Interim 1 45 2025-11-05T04:31:48Z current 2021-05-30T13:39:40Z 2025-11-05T04:31:48Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-2390 The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2016-August/002183.html E-Mail link for SUSE-SU-2016:1996-1 https://lists.suse.com/pipermail/sle-security-updates/2016-August/002212.html E-Mail link for SUSE-SU-2016:2089-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings HPE Helion OpenStack 8 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Server Teradata 12 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 openSUSE Leap 15.5 squid squid-3.5.21-23.4 squid-3.5.21-25.1 squid-3.5.21-26.9.1 squid-4.11-5.17.2 squid-4.13-5.23.1 squid-4.8-2.17 squid-5.4.1-150400.1.16 squid-6.10-150600.3.6.1 squid-6.12-160000.2.2 squid3-3.1.23-8.16.30.1 squid-4.8-2.17 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 squid-4.11-5.17.2 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 squid-4.13-5.23.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 squid-5.4.1-150400.1.16 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP4 squid-6.10-150600.3.6.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 squid3-3.1.23-8.16.30.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA squid3-3.1.23-8.16.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA squid3-3.1.23-8.16.30.1 as a component of SUSE Linux Enterprise Server 11 SP4 squid-3.5.21-23.4 as a component of SUSE Linux Enterprise Server 12 SP2 squid-3.5.21-25.1 as a component of SUSE Linux Enterprise Server 12 SP3 squid-3.5.21-26.9.1 as a component of SUSE Linux Enterprise Server 12 SP4 squid-4.8-2.17 as a component of SUSE Linux Enterprise Server 12 SP5 squid-6.12-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 squid-3.5.21-23.4 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 squid3-3.1.23-8.16.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 squid-4.8-2.17 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 squid as a component of HPE Helion OpenStack 8 squid as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 squid as a component of SUSE Linux Enterprise Module for Server Applications 15 SP4 squid as a component of SUSE Linux Enterprise Module for Server Applications 15 SP5 squid as a component of SUSE Linux Enterprise Server 12 SP2-BCL squid as a component of SUSE Linux Enterprise Server 12 SP3-BCL squid as a component of SUSE Linux Enterprise Server 12 SP3-ESPOS squid as a component of SUSE Linux Enterprise Server 12 SP3-LTSS squid as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS squid as a component of SUSE Linux Enterprise Server 12 SP4-LTSS squid as a component of SUSE Linux Enterprise Server 12 SP5 squid as a component of SUSE Linux Enterprise Server Teradata 12 SP3 squid as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 squid as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 squid as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 squid as a component of SUSE OpenStack Cloud 8 squid as a component of SUSE OpenStack Cloud 9 squid as a component of SUSE OpenStack Cloud Crowbar 8 squid as a component of SUSE OpenStack Cloud Crowbar 9 squid as a component of openSUSE Leap 15.5 The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message. CVE-2016-2390 SUSE Linux Enterprise High Performance Computing 12 SP5:squid-4.8-2.17 SUSE Linux Enterprise Module for Server Applications 15 SP2:squid-4.11-5.17.2 SUSE Linux Enterprise Module for Server Applications 15 SP3:squid-4.13-5.23.1 SUSE Linux Enterprise Module for Server Applications 15 SP4:squid-5.4.1-150400.1.16 SUSE Linux Enterprise Module for Server Applications 15 SP7:squid-6.10-150600.3.6.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:squid3-3.1.23-8.16.30.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:squid3-3.1.23-8.16.30.1 SUSE Linux Enterprise Server 11 SP4:squid3-3.1.23-8.16.30.1 SUSE Linux Enterprise Server 12 SP2:squid-3.5.21-23.4 SUSE Linux Enterprise Server 12 SP3:squid-3.5.21-25.1 SUSE Linux Enterprise Server 12 SP4:squid-3.5.21-26.9.1 SUSE Linux Enterprise Server 12 SP5:squid-4.8-2.17 SUSE Linux Enterprise Server 16.0:squid-6.12-160000.2.2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:squid-3.5.21-23.4 SUSE Linux Enterprise Server for SAP Applications 11 SP4:squid3-3.1.23-8.16.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:squid-4.8-2.17 HPE Helion OpenStack 8:squid SUSE Linux Enterprise High Performance Computing 12 SP5:squid SUSE Linux Enterprise Module for Server Applications 15 SP4:squid SUSE Linux Enterprise Module for Server Applications 15 SP5:squid SUSE Linux Enterprise Server 12 SP2-BCL:squid SUSE Linux Enterprise Server 12 SP3-BCL:squid SUSE Linux Enterprise Server 12 SP3-ESPOS:squid SUSE Linux Enterprise Server 12 SP3-LTSS:squid SUSE Linux Enterprise Server 12 SP4-ESPOS:squid SUSE Linux Enterprise Server 12 SP4-LTSS:squid SUSE Linux Enterprise Server 12 SP5:squid SUSE Linux Enterprise Server Teradata 12 SP3:squid SUSE Linux Enterprise Server for SAP Applications 12 SP3:squid SUSE Linux Enterprise Server for SAP Applications 12 SP4:squid SUSE Linux Enterprise Server for SAP Applications 12 SP5:squid SUSE OpenStack Cloud 8:squid SUSE OpenStack Cloud 9:squid SUSE OpenStack Cloud Crowbar 8:squid SUSE OpenStack Cloud Crowbar 9:squid openSUSE Leap 15.5:squid moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H