Squid < HTTP Header Injection Vulnerability

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Synopsis :

The remote proxy server is affected by an HTTP header injection

Description :

According to its banner, the version of Squid is 0.x, 1.x, 2.x and
3.x earlier than Such versions are potentially affected by
an HTTP Header Injection vulnerability. A remote attacker, exploiting
this flaw could create a CRLF condition. (CVE-2015-0881)

See also :


Solution :

Upgrade to Squid version or later.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : false

Family: Firewalls

Nessus Plugin ID: 82530 ()

Bugtraq ID: 72703

CVE ID: CVE-2015-0881

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now