Detections
Analytics
Squid sslConnectTimeout Function Remote DoS
high Log Correlation Engine Plugin ID 801036
Synopsis
The remote host is vulnerable to a Denial of Service (DoS) attack.Description
The remote Squid caching proxy, according to its version number, is vulnerable to an attack where the attacker can cause the Squid proxy to stop servicing valid service requests. The flaw is within the 'sslConnectTimeout' function and stems from the functions inability to parse user-supplied requests. Successful exploitation leads to a loss of availability.Solution
Upgrade to version 2.5.STABLE11 (when available) or higher.Plugin Details
Severity: High
ID: 801036
Family: Web Servers
Reference Information
CVE: CVE-2005-2794, CVE-2005-2796