Squid 2.x / 3.x < 3.5.17 / 4.x < 4.0.9 cachemgr.cgi RCE

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote proxy server is affected by a remote code execution
vulnerability.

Description :

According to its banner, the version of Squid running on the remote
host is 2.x or 3.x prior to 3.5.17, or 4.x prior to 4.0.9. It is,
therefore, affected by a buffer overflow condition in the cachemgr.cgi
tool, which improperly validates user-supplied input when processing
the length of content lines in reports. An unauthenticated, remote
attacker can exploit this issue, via specially crafted data in manager
reports, to cause a denial of service condition or the execution of
arbitrary code.

Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number. Furthermore,
the patch released to address this issue does not update the version
given in the banner. If the patch has been applied properly, and the
service has been restarted, then consider this to be a false positive.

See also :

http://www.squid-cache.org/Advisories/
http://www.squid-cache.org/Advisories/SQUID-2016_5.txt

Solution :

Upgrade to Squid version 3.5.17 / 4.0.9 or later. Alternatively, apply
the vendor-supplied patch.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Firewalls

Nessus Plugin ID: 91194

Bugtraq ID:

CVE ID: CVE-2016-4051
