FreeBSD : squid -- possible cache-poisoning via malformed HTTP responses (b4d94fa0-6e38-11d9-9e1e-c296ac722cb3)

Medium Nessus Plugin ID 19089


The remote FreeBSD host is missing a security-related update.


The squid patches page notes :

This patch makes Squid considerably stricter while parsing the HTTP protocol.

- A Content-length header should only appear once in a valid request or response. Multiple Content-length headers, in conjunction with specially crafted requests, may allow Squid's cache to be poisoned with bad content in certain situations.

- CR characters is only allowed as part of the CR NL line terminator, not alone. This to ensure that all involved agrees on the structure of HTTP headers.

- Rejects requests/responses that have whitespace in an HTTP header name.

To enable these strict parsing rules, update to at least squid-2.5.7_9 and specify relaxed_header_parser off in squid.conf.


Update the affected package.

See Also

Plugin Details

Severity: Medium

ID: 19089

File Name: freebsd_pkg_b4d94fa06e3811d99e1ec296ac722cb3.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2005/07/13

Modified: 2013/06/22

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:squid, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2005/01/24

Vulnerability Publication Date: 2005/01/24

Reference Information

CVE: CVE-2005-0174

CERT: 768702