Squid < 3.0.STABLE19 / 3.1.0.14 / 2.6.STABLE23 strListGetItem Function Remote DoS

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote proxy server is prone to a denial of service attack.

Description :

According to its banner, the version of the Squid proxy caching server
installed on the remote host is older than 3.0.STABLE19 / 3.1.0.14 /
2.6.STABLE23. A bug in the 'strListGetItem()' function in
'src/HttpHeaderTools.c' can result in an infinite loop when processing
a specially crafted auth header with certain comma delimiters.

A remote attacker may be able to leverage this issue to cause a denial
of service.
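The plugin decides vulnerability from the version in the proxy's banner, so the practical check is a Squid-aware version comparison. The following is an added example, not Tenable's plugin code; the fixed releases are the three named above, while the regexes, function names and sample banner lines are constructed for illustration.

```python
import re

# Fixed releases named in the advisory, keyed by branch (major, minor).
FIXED_BY_BRANCH = {
    (3, 0): "3.0.STABLE19",
    (3, 1): "3.1.0.14",
    (2, 6): "2.6.STABLE23",
}

# Version token as it appears in Server:/Via: headers, e.g. "squid/2.6.STABLE22"
# (constructed regex; real banners may carry extra text around the token).
_BANNER_RE = re.compile(r"squid/(\d+\.\d+\.[A-Za-z0-9.]+)", re.IGNORECASE)

# Two shapes: "3.0.STABLE19" / "3.0.RC1" / "3.0.PRE5", or dotted numbers "3.1.0.14".
_VERSION_RE = re.compile(
    r"^(\d+)\.(\d+)\.(?:(PRE|RC|STABLE)(\d+)|(\d+(?:\.\d+)*))$", re.IGNORECASE)

# Pre-release stages sort before STABLE; plain dotted numbers are ranked as releases.
_STAGE_RANK = {"PRE": 0, "RC": 1, "STABLE": 2}


def parse_version(text):
    """Turn a Squid version string into a comparable tuple
    (major, minor, stage_rank, numbers); raises ValueError on unknown shapes."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError("unrecognised Squid version: %r" % text)
    major, minor = int(m.group(1)), int(m.group(2))
    if m.group(3):
        return (major, minor, _STAGE_RANK[m.group(3).upper()], (int(m.group(4)),))
    numbers = tuple(int(n) for n in m.group(5).split("."))
    return (major, minor, _STAGE_RANK["STABLE"], numbers)


def extract_version(banner):
    """Pull the version out of a Server: or Via: header value; None if no squid token."""
    m = _BANNER_RE.search(banner)
    return m.group(1) if m else None


def is_vulnerable(version):
    """True if older than the fixed release for its branch, False if fixed or newer,
    None when the branch is not one the advisory covers (needs manual review)."""
    parsed = parse_version(version)
    fixed = FIXED_BY_BRANCH.get(parsed[:2])
    if fixed is None:
        return None
    return parsed < parse_version(fixed)


def check_banner(banner):
    """Banner text -> (version, verdict); (None, None) when it is not a Squid banner."""
    version = extract_version(banner)
    if version is None:
        return (None, None)
    return (version, is_vulnerable(version))


if __name__ == "__main__":
    # Constructed sample banners, not captured from any real host.
    for line in ["Server: squid/2.6.STABLE22",
                 "Via: 1.1 proxy (squid/3.1.0.14)",
                 "Server: nginx"]:
        print(line, "->", check_banner(line))
```

A banner check of this kind only proves what the server advertises: distributions that backport the fix without bumping the version string will be flagged as vulnerable, and a branch the advisory does not list (for example 2.7) yields `None` rather than a verdict, which is the honest answer for a version-only test.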

See also :

http://bugs.squid-cache.org/show_bug.cgi?id=2541
http://www.nessus.org/u?d0f03356
http://www.nessus.org/u?8bf8993a
http://www.nessus.org/u?d23f7691

Solution :

Upgrade to Squid version 3.0.STABLE19 / 3.1.0.14 / 2.6.STABLE23 or
later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 44400

Bugtraq ID: 36091

CVE ID: CVE-2009-2855