Squid 3.5.x < 3.5.9 Multiple DoS

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote proxy server is potentially affected by multiple denial of
service vulnerabilities.

Description :

According to its banner, the version of Squid running on the remote
host is 3.5.x prior to 3.5.9. It is, therefore, potentially affected
by the following vulnerabilities:

- A denial of service vulnerability exists in file bio.cc
when handling hello messages. A remote attacker can
exploit this to cause an infinite loop. (VulnDB 127754)

- An integer overflow condition exists in file bio.cc due
to improper validation of user-supplied input. A remote
attacker can exploit this to crash the proxy, resulting
in a denial of service. (VulnDB 127762)

Note that Nessus has not tested for these issues but has instead relied
only on the application's self-reported version number. The patch
released to address these issues does not update the version given in
the banner. If the patch has been applied properly, and the service
has been restarted, consider this to be a false positive.
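The version-only logic the plugin describes above, written out as an added example (not Tenable's plugin code) so the false-positive caveat is visible in the check itself. It assumes the Squid version is read from an HTTP Server or Via header value; the sample banners are constructed, not captured from a real host.

```python
import re
from typing import Optional, Tuple

# Affected branch and fixed version as stated in the plugin description.
AFFECTED_MAJOR_MINOR = (3, 5)
FIXED_VERSION = (3, 5, 9)

_BANNER_RE = re.compile(r"squid/(\d+)\.(\d+)\.(\d+)", re.IGNORECASE)


def parse_squid_banner(header_value: str) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch) from a Squid Server/Via header value.

    Returns None when the header carries no parsable Squid version, for
    example when the operator has suppressed the banner entirely.
    """
    m = _BANNER_RE.search(header_value)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_potentially_affected(header_value: str) -> bool:
    """Mirror the plugin's banner-based test: Squid 3.5.x prior to 3.5.9.

    A True result is only a *potential* finding. The vendor patch does not
    change the banner, so a patched 3.5.8 still returns True here; confirm
    the patch state on the host before treating this as a real finding.
    """
    version = parse_squid_banner(header_value)
    if version is None:
        return False
    return version[:2] == AFFECTED_MAJOR_MINOR and version < FIXED_VERSION


if __name__ == "__main__":
    # Constructed sample header values, not output from any real proxy.
    samples = ("squid/3.5.8", "squid/3.5.9", "squid/3.4.14",
               "1.1 proxy (squid/3.5.0)", "Apache")
    for banner in samples:
        print(f"{banner:26s} -> {is_potentially_affected(banner)}")
```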

See also :

http://www.squid-cache.org/Advisories/
http://www.squid-cache.org/Advisories/SQUID-2015_3.txt

Solution :

Upgrade to Squid version 3.5.9 or later, or apply the vendor-supplied
patch.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Firewalls

Nessus Plugin ID: 86191

Bugtraq ID:

CVE ID:
