FreeBSD : squid -- multiple vulnerabilities (297117ba-f92d-11e5-92ce-002590263bf5)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Squid security advisory 2016:3 reports :

Due to a buffer overrun Squid pinger binary is vulnerable to denial of
service or information leak attack when processing ICMPv6 packets.

This bug also permits the server response to manipulate other ICMP and
ICMPv6 queries processing to cause information leak.

This bug allows any remote server to perform a denial of service
attack on the Squid service by crashing the pinger. This may affect
Squid HTTP routing decisions. In some configurations, sub-optimal
routing decisions may result in serious service degradation or even
transaction failures.

If the system does not contain buffer-overrun protection leading to
that crash this bug will instead allow attackers to leak arbitrary
amounts of information from the heap into Squid log files. This is of
higher importance than usual because the pinger process operates with
root priviliges.

Squid security advisory 2016:4 reports :

Due to incorrect bounds checking Squid is vulnerable to a denial of
service attack when processing HTTP responses.

This problem allows a malicious client script and remote server
delivering certain unusual HTTP response syntax to trigger a denial of
service for all clients accessing the Squid service.

See also :

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 90334 ()

Bugtraq ID:

CVE ID: CVE-2016-3947

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now