Detections
Analytics
Amazon Linux AMI : squid (ALAS-2018-1081)
high Nessus Plugin ID 117605
Language:
Synopsis
The remote Amazon Linux AMI host is missing a security update.Description
The Squid Software Foundation Squid HTTP Caching Proxy contains a NULL pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request.(CVE-2018-1000027)The Squid Software Foundation Squid HTTP Caching Proxy contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy..
This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.(CVE-2018-1000024)
Solution
Run 'yum update squid' to update your system.See Also
Plugin Details
Severity: High
ID: 117605
File Name: ala_ALAS-2018-1081.nasl
Version: 1.2
Type: local
Agent: unix
Published: 9/20/2018
Updated: 8/6/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2018-1000027
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:amazon:linux, p-cpe:/a:amazon:linux:squid-migration-script, p-cpe:/a:amazon:linux:squid, p-cpe:/a:amazon:linux:squid-debuginfo
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 9/19/2018
Reference Information
CVE: CVE-2018-1000024, CVE-2018-1000027
ALAS: 2018-1081