Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Squid Proxy < 2.5.STABLE8 Gopher, WCCP, and Cache Poisoning Vulnerabilities



The remote host is missing a critical security patch or upgrade.


The remote Squid caching proxy, according to its version number, is vulnerable to several security flaws :

- There is a buffer overflow issue when handling the reply of a rogue gopher site. To exploit this issue, an attacker would need to use the remote proxy to visit a specially setup gopher site generating malformed replies

- There is a denial of service vulnerability in the WCCP code of the remote proxy. To exploit this flaw, an attacker would need to guess the IP of the WCCP router used by the proxy and spoof a malformed UDP packet using the router IP address. There are several flaws in the way that the Squid proxy caches pages. An attacker exploiting these flaws would be able to poison the Squid cache.


Upgrade to Squid 2.5.STABLE8 or higher.