Squid 3.5.x < 3.5.23 / 4.0.x < 4.0.17 Multiple Information Disclosure

Medium Nessus Network Monitor Plugin ID 9858

Synopsis

The remote proxy server is affected by multiple information disclosure attack vectors.

Description

Versions of Squid 4.0.x prior to 4.0.17, and 3.5.x prior to 3.5.18 are affected by multiple vulnerabilities :

 - A flaw exists in the collapsed forwarding functionality in 'client_side_reply.cc' that is triggered as request headers are not properly compared, which can cause the program to deliver responses containing private data to clients it should not have reached. This may allow a remote attacker to gain access to potentially sensitive information from other sessions.
 - A flaw exists in 'client_side_reply.cc' that is triggered during the handling of HTTP conditional requests. This may allow a remote attacker to gain access to potentially sensitive information from other sessions.

Solution

Upgrade to Squid version 4.0.17 or later. If 4.0.x versions cannot be obtained, version 3.5.23 is also patched for these vulnerabilities.

See Also

http://www.squid-cache.org/Advisories/SQUID-2016_11.txt

http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_10_a.patch

http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14127.patch

http://www.squid-cache.org/Versions/v4/changesets/squid-4-14956.patch

Plugin Details

Severity: Medium

ID: 9858

Family: Web Servers

Published: 2017/01/09

Updated: 2019/03/06

Dependencies: 3389

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSS v3.0

Base Score: 3.7

Temporal Score: 3.6

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:squid-cache:squid

Patch Publication Date: 2016/12/16

Vulnerability Publication Date: 2016/12/16

Reference Information

CVE: CVE-2016-10002, CVE-2016-10003