Squid 3.5.x < 3.5.15 Multiple Vulnerabilities

Medium

Synopsis

The remote proxy server is affected by multiple attack vectors.

Description

Versions of Squid 3.5.x prior to 3.5.15 are affected by multiple vulnerabilities:

- A flaw is triggered when performing improper bounds checks on specially crafted HTTP responses. This may allow a remote attacker to cause a denial of service. (OSVDB 134900, OSVDB 134901)
- A flaw is triggered as bounds are not properly checked when processing HTTP responses. This may allow a remote attacker to cause a denial of service for all clients accessing the service. (OSVDB 136595)
- An overflow condition exists in the 'Icmp6::Recv()' function in 'icmp/Icmp6.cc' of the pinger binary. The issue is triggered as user-supplied input is not properly validated when handling specially crafted ICMPv6 packets. This may allow a remote attacker to cause a buffer overflow, crashing the pinger process or potentially leaking data into log files. (OSVDB 136596)

Solution

Either upgrade to Squid version 3.5.15 or later, or apply the vendor-supplied patch.