FreeBSD : squid -- Improper Protection of Alternate Path with CONNECT requests (150d1538-23fa-11e5-a4a5-002590263bf5)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Squid security advisory 2015:2 reports :

Squid configured with cache_peer and operating on explicit proxy
traffic does not correctly handle CONNECT method peer responses.

The bug is important because it allows remote clients to bypass
security in an explicit gateway proxy.

However, the bug is exploitable only if you have configured cache_peer
to receive CONNECT requests.

See also :

http://www.squid-cache.org/Advisories/SQUID-2015_2.txt
http://www.nessus.org/u?a7e74b0a

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84553

Bugtraq ID:

CVE ID: CVE-2015-5400
