Squid sslConnectTimeout Function Remote DoS

High Log Correlation Engine Plugin ID 801036

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote Squid caching proxy, according to its version number, is vulnerable to an attack where the attacker can cause the Squid proxy to stop servicing valid service requests. The flaw is within the 'sslConnectTimeout' function and stems from the functions inability to parse user-supplied requests. Successful exploitation leads to a loss of availability.

Solution

Upgrade to version 2.5.STABLE11 (when available) or higher.

Plugin Details

Severity: High

ID: 801036

File Name: 801036.prm

Family: Web Servers

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:ND

Reference Information

CVE: CVE-2005-2794, CVE-2005-2796

BID: 14731, 14761