|
cachemgr.cgi Memory Leak Denial of Service Vulnerability
|
12/20/12
CVE 2012-5643
Squid before 3.3.0.2, 3.2.4, and 3.1.22 is prone to a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of Service).
The vulnerability is caused by memory leak errors within cachemgr.cgi when handling certain requests, which can be exploited to consume resources and render the server unusable.
|
DNS Replies Invalid Free Denial of Service Vulnerability
|
11/08/11
CVE 2011-4096
Squid before 3.1.16 is prone to a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused by an error when processing certain DNS replies,
which can be exploited to trigger an invalid free, e.g. via DNS replies containing a CNAME record pointing to another CNAME record pointing to an empty A record.
|
Gopher Response Processing Buffer Overflow
|
09/06/11
CVE 2011-3205
Squid before 3.0.STABLE26, 3.1.15, and 3.2.0.11 is prone to a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
The vulnerability is caused by a boundary error when processing Gopher responses and can be exploited to cause a buffer overflow via an overly long string.
|
String Processing NULL Pointer Dereference Denial Of Service Vulnerability
|
09/16/10
CVE 2010-3072
Squid is prone to a remote denial-of-service vulnerability caused by a NULL pointer dereference.
An attacker can exploit this issue to cause the application to crash,
denying service to legitimate users.
|
DNS Reply Remote Buffer Overflow Vulnerability
|
09/10/10
CVE NONE-0105
Squid before 3.1.7 is prone to a remote buffer-overflow vulnerability
because it fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application.
|
HTCP Packet Processing Denial of Service
|
03/10/10
CVE 2010-0639
A denial of service vulnerability exists in Squid Proxy.
The vulnerability is due to a NULL pointer dereference when processing specially crafted Hypertext Caching Protocol (HTCP) packets.
Remote attackers can exploit this issue by sending a malicious HTCP request to the target server.
Successful exploitation could terminate the affected server process abnormally and result in a denial of service condition.
|
strListGetItem Denial of Service
|
08/27/09
CVE 2009-2855
There exists a denial of service vulnerability in the way Squid handles HTTP headers.
The vulnerability is due to an infinite loop error when processing HTTP headers containing a specific delimiter character.
Remote unauthenticated attackers can exploit this vulnerability by sending specially crafted HTTP request packets containing malicious HTTP headers.
Successful exploitation would consume system resources and may cause the service to terminate.
|
Multiple Remote Denial of Service Vulnerabilities
|
07/29/09
CVE 2009-2621
CVE 2009-2622
Squid before 3.0.STABLE17 and 3.1.0.12 is prone to multiple remote denial-of-service vulnerabilities.
Successfully exploiting these issues allows remote attackers to crash the affected application, denying further service to legitimate users.
|
ICAP Adaptation Denial of Service
|
04/16/09
Squid is prone to a remote denial-of-service vulnerability
because the proxy server fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer.
Successfully exploiting this issue allows remote authenticated attackers to consume excessive memory,
resulting in a denial-of-service condition.
|
HTTP Version Number Parsing Denial of Service
|
02/10/09
CVE 2009-0478
There exists a denial of service vulnerability in the way Squid handles the HTTP version number.
The vulnerability is due to improper parsing of the version number when processing malformed HTTP requests.
Remote unauthenticated attackers can exploit this vulnerability
by sending specially crafted HTTP request packets to an affected system.
Successful exploitation may cause the service to terminate.
|
Cached Objects HTTP headers temporary denial of service
|
04/22/08
CVE 2008-1612
Squid 2.6.STABLE17 has a flaw in the way it manipulates HTTP
headers for cached objects stored in system memory. An attacker
could use this flaw to cause a Squid child process to exit,
interrupting existing connections and making proxy services unavailable.
Note: the parent Squid process starts a new child process,
so this attack results only in a temporary denial of service.
|
Squid Proxy Cache Update Denial of Service
|
12/05/07
CVE 2007-6239
Squid Proxy prior to version 2.6STABLE17, all 3.0PRE versions and 3.0RC1 have a denial-of-service
vulnerability. This vulnerability is caused by memory exhaustion due
to a linked table which grows on every server response
with a 304 status code within an HTTP session.
|
Squid Proxy TRACE Request Remote Denial of Service
|
03/28/07
CVE 2007-1560
The Squid proxy has a denial-of-service vulnerability. The vulnerability is due to a failure
to handle exceptional conditions (Max-Forwards=0) when processing an HTTP TRACE request within the Squid proxy.
Successfully exploiting this issue allows unauthenticated remote attackers to terminate a vulnerable
Squid proxy server, creating a denial of service condition for legitimate users. Squid 2.6 prior to 2.6STABLE12 is
vulnerable.
|
Multiple Vulnerabilities fixed in 2.6.STABLE7
|
01/25/07
Squid versions earlier than 2.6.STABLE7 are affected by the following vulnerabilities:
- CVE 2007-0247
Denial of Service due to core dump via crafted FTP directory listing responses
- CVE 2007-0248
Denial of Service due to external_acl queue overload, which triggers an infinite loop
|
Vulnerability in Squid 2.5.STABLE11
|
10/25/05
Squid 2.5.STABLE11 and earlier is affected by the following vulnerability:
CVE 2005-3258
Denial of service due to odd responses in remote FTP servers under certain conditions.
|
Multiple Vulnerabilities in Squid 2.5.STABLE10
|
09/09/05
Squid 2.5.STABLE10 and earlier are affected by the following vulnerabilities:
- CVE 2005-2794
Denial of service due to assertion failures in certain conditions involving aborted requests
- CVE 2005-2796
Denial of service due to segmentation fault in sslConnectTimeout
|
Multiple Vulnerabilities in Squid 2.5.STABLE9
|
03/16/05
CVE 2005-0626
Due to a race condition, it is possible for cookies to
leak to unintended users, possibly disclosing login
credentials or other sensitive information. This
vulnerability is only an issue when Squid communicates with
a server which relies on obsolete Netscape specifications
on caching of Set-Cookie headers. Squid 2.5 STABLE 7
through 9 are affected by this vulnerability.
05/16/05
Other vulnerabilities in Squid 2.5.STABLE9 include:
- CVE 2005-1345
Unexpectedly permissive access controls if configuration has invalid ACLs
- CVE 2005-1519
DNS response spoofing due to predictable transaction IDs
|
DNS Response Denial of Service
|
02/23/05
CVE 2005-0446
Invalid DNS responses can cause Squid to terminate. An attacker
who controls an authoritative DNS server could exploit this
issue to cause a denial of service. Squid 2.5 STABLE5 through
STABLE8 are affected by this vulnerability.
CVE 2005-0174
Squid 2.5.STABLE7 and earlier are susceptible to HTTP
request smuggling attacks. This type of attack occurs when
an HTTP request contains malformed headers (such as
extraneous whitespace or carriage return characters) or duplicated
headers (such as two Content-Length headers). The Squid
proxy may interpret the malformed request as a single request
while the destination web server interprets it as two
requests, causing the responses to any subsequent requests to become
cached incorrectly. This could allow an attacker to poison
the cache, such that users who request certain legitimate
pages would receive spoofed content.
|
Multiple Vulnerabilities in Squid 2.5.STABLE7
|
01/21/05
02/11/05
03/16/05
05/03/05
There are multiple vulnerabilities affecting Squid 2.5.STABLE7 and earlier, including:
- CVE 2005-0094
Buffer overflow in Gopher response parsing
- CVE 2005-0095
Denial of service in processing WCCP messages with spoofed source addresses
- CVE 2005-0173
Access control bypass in squid_ldap_auth using a leading or trailing space in user name
- CVE 2005-0175
Cache poisoning by an HTTP response splitting attack
- CVE 2005-0194
Access control bypass due to empty access control lists or proxy_auth ACLs without defined auth schemes
- CVE 2005-0211
Buffer overflow in processing long WCCP packets
- CVE 2005-0241
Access control bypass or cache poisoning by oversized HTTP reply headers
- CVE 2005-0718
Denial of service by aborted PUT or POST requests
|
SNMP Module ASN1 Parsing Error
|
10/19/04
CVE 2004-0918
The asn_parse_header function in some cases
allows negative length fields to pass validation. This causes
a memory allocation to fail, after which the server restarts.
Since it takes only a single UDP datagram to cause a
restart, and the restart takes several seconds, repeated
attacks could lead to a denial of service. Squid 2.5.STABLE6
and earlier and 3.0.PRE1 through 3.0.PRE3 are affected by
this vulnerability if the SNMP module is enabled. The
SNMP module is only enabled if both the snmp_port
variable is non-zero in the squid.conf file and
the --enable-snmp option was used when
compiling Squid.
|
url_regex access control bypass
|
03/05/04
CVE 2004-0189
Servers which use url_regex access controls
do not properly check URLs containing encoded
null characters (%00). A remote attacker
could bypass URL-based access controls by including the
%00 sequence in a specially crafted URL.
Squid 2.5 STABLE 4 and earlier versions are affected.
|
Heap overflow in compressed DNS message handling
|
04/15/02
CVE 2002-0163
A heap overflow in the processing of compressed DNS answer
messages could cause the Squid process to stop with a
segmentation fault. This could allow a remote attacker who
has control of a DNS server to crash the Squid proxy. Squid
2.4.STABLE4 and earlier, and pre-release versions of Squid
2.5 and 2.6 downloaded prior to March 12, 2002 are affected
by this vulnerability.
|
FTP proxy buffer overflow
|
02/25/02
CVE 2002-0068
When processing FTP proxy requests, Squid
allocates a buffer based upon the size of the original request,
but copies into that buffer a string which may contain URL-encoded
characters, which could overflow the buffer. This condition, if
exploited a number of times, could lead to a denial of service.
It could also be possible for a remote attacker to execute
arbitrary commands. Versions of Squid prior to 2.4.STABLE4 are
affected by this vulnerability.
|
Access Control List bypass vulnerabilities
|
04/15/02
CVE 1999-1273
CVE 2001-1030
Multiple vulnerabilities could allow a remote attacker to
bypass the access control lists on a Squid proxy, thus permitting
port scanning and possibly remote access from unauthorized
hosts. Squid versions prior to 2.4.STABLE3 may be affected
by one or more of these vulnerabilities.
|
Newline Authentication Flaw
|
02/25/02
CVE 1999-1481
When authenticating to the Squid proxy service, a client
sends a base-64 encoded user name and password pair. When
the server decodes the pair, it does not remove newline and
carriage return characters. Pairs containing newline and
carriage return characters are interpreted as two pairs instead
of one, thereby using one pair for authentication of the current
client, and queueing the second pair for the next client. If the
service is actively used by users with valid user name and password
pairs, an attacker could exploit this situation and gain access
to the service due to a prior user's user name and password
being at the front of the queue.
Squid 2.2.STABLE5 and earlier are affected by this vulnerability.
|
FTP PUT denial of service
|
02/25/02
CVE 2001-0843
A request to the Squid proxy server which uses the PUT
request method for an FTP address could cause the proxy
service to crash if the request only creates a directory
(mkdir). Versions of Squid prior to 2.4.STABLE3 are
affected by this vulnerability.
|
Other miscellaneous vulnerabilities
|
02/25/02
CVE 1999-0710
CVE 2002-0067
CVE 2002-0069
Other miscellaneous vulnerabilities in outdated versions of Squid
in certain configurations could allow a remote attacker to consume
system resources or conduct unauthorized port scanning.