
Squid 3.x < 3.5.6 Multiple Vulnerabilities

High

Synopsis

The remote proxy server is affected by multiple vulnerabilities.

Description

Versions of Squid 3.x prior to 3.5.6 are potentially affected by the following vulnerabilities:

- An authentication bypass vulnerability exists due to a flaw in file 'tunnel.cc', which is triggered when cache peer CONNECT responses are blindly forwarded in a hierarchy of two or more proxies, resulting in unrestricted access to a back-end proxy through its gateway proxy. A remote, unauthenticated attacker, using a specially crafted request, can exploit this vulnerability to bypass authentication or gain access to protected resources. This issue occurs only in configurations with cache_peer enabled, and exploitation requires that the two proxies enforce differing levels of security. (CVE-2015-5400)

- A flaw exists in 'ssl/support.cc' that is triggered during the handling of repeated client-initiated TLS renegotiation messages. A remote attacker can exploit this to cause a denial of service. (OSVDB 124238)
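A banner-based check of the kind this plugin performs, as an added example that is not part of the original plugin or of the Squid project: it extracts every squid/x.y.z product token from the Via and Server headers of an HTTP response and flags each 3.x version older than 3.5.6. The sample response headers are constructed for the example; in a real hierarchy each hop appends its own entry to Via, so the gateway and the back-end proxy versions can both be seen from outside. The helper names (parse_squid_versions, is_affected, check_headers) are the example's own.

```python
import re
from typing import List, Tuple

# Version in which the vendor fix landed, per the advisory text above.
FIXED_VERSION = (3, 5, 6)

# Squid product token as it appears in Via/Server headers, e.g.
# "1.1 gw.example.test (squid/3.5.5)" or "Server: squid/3.4.8-20150101-r1".
# Patch level is optional so tokens like "squid/2.7.STABLE9" still parse.
_SQUID_TOKEN = re.compile(r"squid/(\d+)\.(\d+)(?:\.(\d+))?", re.IGNORECASE)

# Headers that commonly carry a Squid version string.
_VERSION_HEADERS = ("via", "server")


def parse_squid_versions(header_value: str) -> List[Tuple[int, int, int]]:
    """Return every Squid version tuple found in one header value, in order."""
    versions = []
    for m in _SQUID_TOKEN.finditer(header_value):
        major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
        versions.append((int(major), int(minor), int(patch)))
    return versions


def is_affected(version: Tuple[int, int, int]) -> bool:
    """True for the 3.x branch below 3.5.6; other branches are out of scope here."""
    return version[0] == 3 and version < FIXED_VERSION


def check_headers(raw_headers: str) -> List[Tuple[str, Tuple[int, int, int], bool]]:
    """Scan raw HTTP response headers; return (header, version, affected) per token."""
    findings = []
    for line in raw_headers.splitlines():
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() not in _VERSION_HEADERS:
            continue
        for version in parse_squid_versions(value):
            findings.append((name.strip(), version, is_affected(version)))
    return findings


# Constructed sample: a gateway proxy forwarding through a back-end peer.
SAMPLE_RESPONSE = "\r\n".join([
    "HTTP/1.1 200 OK",
    "Server: squid/3.5.5",
    "Via: 1.1 gw.example.test (squid/3.5.5), 1.1 backend.example.test (squid/3.5.6)",
    "X-Cache: MISS from gw.example.test",
    "",
])

if __name__ == "__main__":
    for header, version, affected in check_headers(SAMPLE_RESPONSE):
        status = "AFFECTED" if affected else "ok"
        print(f"{header}: squid/{'.'.join(map(str, version))} -> {status}")
```

This is a banner check and carries the same caveats as the plugin: a Squid configured with httpd_suppress_version_string hides the token, a missing token is not proof of absence, and distribution packages may backport the fix while keeping an older version number, so confirm against the vendor's or distributor's changelog before acting on a hit.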

Solution

Either upgrade to Squid version 3.5.6 or later, or apply the vendor-supplied patch.