| Field | Value |
|---|---|
| Short Name | HTTP:PROXY:SQUID-CACHE-UPDATE |
| Severity | Medium |
| Recommended | No |
| Recommended Action | Drop |
| Category | HTTP |
| Keywords | http squid proxy cache update |
| Release Date | 2010/10/20 |
| Update Number | 1795 |
| Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+ |

HTTP: Squid Proxy Cache Update Denial of Service
This signature detects attempts to exploit a known denial-of-service vulnerability in the Squid Web proxy application. The vulnerability is due to incorrect bounds checking when processing crafted cache update reply messages. A remote unauthenticated attacker may trigger it to terminate the affected service. Upon receiving a crafted HTTP request message, the Squid proxy server terminates and resets all established connections. However, the Squid monitor process automatically re-spawns the worker process, which restores the proxy services. If the attack is launched continuously, the target Squid proxy can be put into a lasting denial-of-service condition.
Extended Description
Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to perform boundary checks before copying user-supplied data into process buffers.
Successfully exploiting this issue allows remote attackers to crash the affected application, denying further service to legitimate users. Attackers may also be able to execute arbitrary code, but this has not been confirmed.
This issue affects Squid 2.6.STABLE16 and prior versions. All Squid-3 snapshots and prereleases up to the November 28 snapshot are also vulnerable.
Affected Products
- Debian Linux 4.0
- Debian Linux 4.0 Alpha
- Debian Linux 4.0 Amd64
- Debian Linux 4.0 Arm
- Debian Linux 4.0 Hppa
- Debian Linux 4.0 Ia-32
- Debian Linux 4.0 Ia-64
- Debian Linux 4.0 M68k
- Debian Linux 4.0 Mips
- Debian Linux 4.0 Mipsel
- Debian Linux 4.0 Powerpc
- Debian Linux 4.0 S/390
- Debian Linux 4.0 Sparc
- Gentoo Linux
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Corporate Server 4.0
- Mandriva Corporate Server 4.0.0 X86 64
- Mandriva Linux Mandrake 2007.0
- Mandriva Linux Mandrake 2007.0 X86 64
- Mandriva Linux Mandrake 2007.1
- Mandriva Linux Mandrake 2007.1 X86 64
- Mandriva Linux Mandrake 2008.0
- Mandriva Linux Mandrake 2008.0 X86 64
- Mandriva Multi Network Firewall 2.0.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Desktop 3.0.0
- Red Hat Desktop 4.0.0
- Red Hat Enterprise Linux 5 Server
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux AS 4.5.Z
- Red Hat Enterprise Linux AS 4.6.Z
- Red Hat Enterprise Linux Desktop 5 Client
- Red Hat Enterprise Linux Desktop Workstation 5 Client
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux ES 4.5.Z
- Red Hat Enterprise Linux ES 4.6.Z
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 2.1 IA64
- Red Hat Enterprise Linux WS 3
- Red Hat Enterprise Linux WS 4
- Red Hat Fedora 7
- Red Hat Fedora 8
- Squid Web Proxy Cache 2.0.0 PATCH2
- Squid Web Proxy Cache 2.1.0 PATCH2
- Squid Web Proxy Cache 2.3.0 .STABLE4
- Squid Web Proxy Cache 2.3.0 .STABLE5
- Squid Web Proxy Cache 2.4.0
- Squid Web Proxy Cache 2.4.0 .STABLE2
- Squid Web Proxy Cache 2.4.0 .STABLE4
- Squid Web Proxy Cache 2.4.0 .STABLE6
- Squid Web Proxy Cache 2.4.0 .STABLE7
- Squid Web Proxy Cache 2.5.0 .STABLE1
- Squid Web Proxy Cache 2.5.0 .STABLE10
- Squid Web Proxy Cache 2.5.0 .STABLE3
- Squid Web Proxy Cache 2.5.0 .STABLE4
- Squid Web Proxy Cache 2.5.0 .STABLE5
- Squid Web Proxy Cache 2.5.0 .STABLE6
- Squid Web Proxy Cache 2.5.0 .STABLE7
- Squid Web Proxy Cache 2.5.0 .STABLE8
- Squid Web Proxy Cache 2.5.0 .STABLE9
- Squid Web Proxy Cache 2.5.STABLE11
- Squid Web Proxy Cache 2.5.STABLE12
- Squid Web Proxy Cache 2.5.STABLE13
- Squid Web Proxy Cache 2.5.STABLE14
- Squid Web Proxy Cache 2.6
- Squid Web Proxy Cache 2.6.STABLE1
- Squid Web Proxy Cache 2.6.STABLE12
- Squid Web Proxy Cache 2.6.STABLE13
- Squid Web Proxy Cache 2.6.STABLE14
- Squid Web Proxy Cache 2.6.STABLE15
- Squid Web Proxy Cache 2.6.STABLE16
- Squid Web Proxy Cache 2.6.STABLE2
- Squid Web Proxy Cache 2.6.STABLE3
- Squid Web Proxy Cache 2.6.STABLE4
- Squid Web Proxy Cache 2.6.STABLE5
- Squid Web Proxy Cache 2.6.STABLE6
- Squid Web Proxy Cache 2.6.STABLE7
- Squid Web Proxy Cache 3.0.0
- Squid Web Proxy Cache 3.0.0 PRE1
- Squid Web Proxy Cache 3.0.0 PRE2
- Squid Web Proxy Cache 3.0.0 PRE3
- SuSE Linux 10.0 Ppc
- SuSE Linux 10.0 X86
- SuSE Linux 10.0 X86-64
- SuSE Linux 10.1 Ppc
- SuSE Linux 10.1 X86
- SuSE Linux 10.1 X86-64
- SuSE openSUSE 10.2
- SuSE openSUSE 10.3
- Turbolinux Appliance Server 1.0.0 Hosting Edition
- Turbolinux Appliance Server 1.0.0 Workgroup Edition
- Turbolinux Appliance Server 2.0
- Turbolinux Appliance Server Hosting Edition 1.0.0
- Turbolinux Appliance Server Workgroup Edition 1.0.0
- Turbolinux Turbolinux Server 10.0.0
- Turbolinux Turbolinux Server 10.0.0 X64
- Turbolinux Turbolinux Server 11
- Turbolinux Turbolinux Server 11 X64
- Ubuntu Ubuntu Linux 6.06 LTS Amd64
- Ubuntu Ubuntu Linux 6.06 LTS I386
- Ubuntu Ubuntu Linux 6.06 LTS Powerpc
- Ubuntu Ubuntu Linux 6.06 LTS Sparc
- Ubuntu Ubuntu Linux 6.10 Amd64
- Ubuntu Ubuntu Linux 6.10 I386
- Ubuntu Ubuntu Linux 6.10 Powerpc
- Ubuntu Ubuntu Linux 6.10 Sparc
- Ubuntu Ubuntu Linux 7.04 Amd64
- Ubuntu Ubuntu Linux 7.04 I386
- Ubuntu Ubuntu Linux 7.04 Powerpc
- Ubuntu Ubuntu Linux 7.04 Sparc
- Ubuntu Ubuntu Linux 7.10 Amd64
- Ubuntu Ubuntu Linux 7.10 I386
- Ubuntu Ubuntu Linux 7.10 Powerpc
- Ubuntu Ubuntu Linux 7.10 Sparc
References