| Field | Value |
|---|---|
| VID | 22671 |
| Severity | 30 |
| Port | 8080, 3128 |
| Protocol | TCP |
| Class | Webproxy |

Detailed Description
The relevant host is running a version of the Squid caching proxy older than 3.4.8. Squid is a freely available web proxy server for Linux and Unix distributions. Squid Web Proxy Cache versions prior to 3.4.8 are affected by multiple vulnerabilities:

- An off-by-one overflow flaw exists in the SNMP processing component. Using a specially crafted UDP SNMP request, a remote attacker could exploit this to cause a denial of service or possibly execute arbitrary code. (CVE-2014-6270)
- An array indexing flaw exists in the node pinger, triggered when parsing ICMP and ICMPv6 replies, which may allow a remote attacker to crash the pinger or obtain sensitive information. (CVE-2014-7141)
- The node pinger has a flaw in the function 'Icmp4::Recv' in the file 'icmp/Icmp4.cc' that is triggered when parsing ICMP or ICMPv6 responses. A remote attacker could exploit this to crash the pinger or obtain sensitive information. (CVE-2014-7142)

* Note: This check relies solely on the version number reported by the remote Squid Web Proxy Cache server to assess this vulnerability, so it may be a false positive.
* References: http://www.squid-cache.org/Advisories/ , http://www.squid-cache.org/Advisories/SQUID-2014_3.txt , http://www.squid-cache.org/Advisories/SQUID-2014_4.txt
* Platforms Affected: National Science Foundation, Squid Web Proxy Cache versions prior to 3.4.8, Linux (any version), Unix (any version)
Recommendation

Upgrade to the latest version of Squid (3.4.8 or later), available from the Squid Web Proxy Cache web site at http://www.squid-cache.org/Versions/v3/3.4/

| Field | Value |
|---|---|
| Related URL | CVE-2014-6270, CVE-2014-7141, CVE-2014-7142 (CVE) |
| Related URL | 69686, 69688, 70022 (SecurityFocus) |
| Related URL | (ISS) |