Squid < 2.5.STABLE8 Multiple Vulnerabilities

high Nessus Plugin ID 16190

Synopsis

The remote proxy server is affected by multiple vulnerabilities.

Description

According to its version number, the remote Squid caching proxy is affected by several security flaws :

- There is a buffer overflow when handling the reply of a rogue gopher site. (CVE-2005-0094)

- There is a denial of service vulnerability in the WCCP code of the remote proxy. (CVE-2005-0095)

- There is a buffer overflow in the WCCP code that may allow an attacker to execute arbitrary code on the remote host. (CVE-2005-0211)

- There is a flaw in the 'squid_ldap_auth' module that may allow an attacker to bypass authentication and to gain access to the remote proxy. (CVE-2005-0173)

- There is a flaw in the way Squid parses HTTP reply headers. (CVE-2005-0241)

- There is a weakness that may allow for cache poisoning via HTTP response splitting. (CVE-2005-0175)

- There is a weakness that may allow for cache poisoning via crafted malformed headers. (CVE-2005-0174)

Note that this may be a false-positive given the way the Squid team handles releases. Make sure that all the appropriate patches have been applied.

Solution

Upgrade to Squid 2.5.STABLE8 or later.

See Also

http://www.squid-cache.org/Versions/v2/2.5/bugs/

Plugin Details

Severity: High

ID: 16190

File Name: squid_wccp_and_gopher_flaws.nasl

Version: 1.23

Type: remote

Family: Firewalls

Published: 1/18/2005

Updated: 7/30/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:squid-cache:squid

Required KB Items: Settings/ParanoidReport, www/squid

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1/13/2005

Reference Information

CVE: CVE-2005-0094, CVE-2005-0095, CVE-2005-0173, CVE-2005-0174, CVE-2005-0175, CVE-2005-0211, CVE-2005-0241

BID: 12275, 12276, 12412, 12433, 12432, 12431, 13434, 13435