Detections
Analytics

Squid < 2.5.STABLE8 DoS

medium Nessus Network Monitor Plugin ID 2520

Synopsis

The remote proxy server is vulnerable to a Denial of Service (DoS) attack.

Description

The remote Squid caching proxy, according to its version number, may be vulnerable to a remote denial of service.

This flaw is caused due to an input validation error in the NTLM module.

An attacker can exploit this flaw to crash the server with a specially crafted packet.

The remote Squid proxy is also vulnerable to a cache-corruption flaw due to incorrect parsing of malformed HTTP headers. An attacker exploiting this flaw would be able to poison the cache.

The remote Squid proxy is vulnerable to an authentication bypass
in the squid_ldap_auth module as well as a remote overflow due to oversized HTTP headers.

Solution

Upgrade to Squid 2.5.STABLE8 or higher.

See Also

http://www.squid-cache.org

http://www.squid-cache.org/Versions/v2/2.5/bugs

http://www.nessus.org/u?af6b5d37

Plugin Details

Severity: Medium

ID: 2520

Family: Web Servers

Published: 1/21/2005

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:squid-cache:squid

Patch Publication Date: 1/8/2005

Vulnerability Publication Date: 1/8/2005

Reference Information

CVE: CVE-2005-0096, CVE-2005-0097, CVE-2005-0173, CVE-2005-0174, CVE-2005-0175, CVE-2005-0211, CVE-2005-0241

BID: 12412, 12431, 12432, 12433, 12220, 12324