Signature Detail
Short Name |
HTTP:PROXY:SQUID-HEADER-DOS |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
SQUID HEADER DOS AUTHENTICATION |
Release Date |
2010/09/15 |
Update Number |
1773 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+ |
HTTP: Squid Authentication Headers Handling Denial of Service
This signature detects attempts to exploit a known vulnerability against Squid Proxy Servers. A successful attack can result in a denial-of-service condition.
Extended Description
Squid Proxy is prone to a denial-of-service vulnerability. This issue may occur when the proxy handles certain client NTLM-authentication request sequences.
Affected Products
- Mandriva Corporate Server 2.1.0
- Mandriva Corporate Server 2.1.0 X86 64
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Linux Mandrake 10.1.0
- Mandriva Linux Mandrake 10.1.0 X86 64
- Mandriva Linux Mandrake 10.2.0
- Mandriva Linux Mandrake 10.2.0 X86 64
- Mandriva Linux Mandrake 2006.0.0
- Mandriva Linux Mandrake 2006.0.0 X86 64
- Mandriva Multi Network Firewall 2.0.0
- Red Hat Application Server AS 3
- Red Hat Desktop 4.0.0
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux WS 4
- Red Hat Fedora Core1
- Red Hat Fedora Core2
- Red Hat Linux 7.3.0 I386
- Red Hat Linux 9.0.0 I386
- SCO Unixware 7.1.4
- SGI ProPack 3.0.0 SP6
- Squid Web Proxy Cache 2.5.0 .STABLE1
- Squid Web Proxy Cache 2.5.0 .STABLE10
- Squid Web Proxy Cache 2.5.0 .STABLE3
- Squid Web Proxy Cache 2.5.0 .STABLE4
- Squid Web Proxy Cache 2.5.0 .STABLE5
- Squid Web Proxy Cache 2.5.0 .STABLE6
- Squid Web Proxy Cache 2.5.0 .STABLE7
- Squid Web Proxy Cache 2.5.0 .STABLE8
- Squid Web Proxy Cache 2.5.0 .STABLE9
- SuSE Linux Desktop 1.0.0
- SuSE Linux Openexchange Server
- SuSE Linux Personal 10.0.0 OSS
- SuSE Linux Personal 8.2.0
- SuSE Linux Personal 9.0.0
- SuSE Linux Personal 9.0.0 X86 64
- SuSE Linux Personal 9.1.0
- SuSE Linux Personal 9.1.0 X86 64
- SuSE Linux Personal 9.2.0
- SuSE Linux Personal 9.2.0 X86 64
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE Linux Professional 10.0.0
- SuSE Linux Professional 10.0.0 OSS
- SuSE Linux Professional 8.2.0
- SuSE Linux Professional 9.0.0
- SuSE Linux Professional 9.0.0 X86 64
- SuSE Linux Professional 9.1.0
- SuSE Linux Professional 9.1.0 X86 64
- SuSE Linux Professional 9.2.0
- SuSE Linux Professional 9.2.0 X86 64
- SuSE Linux Professional 9.3.0
- SuSE Linux Professional 9.3.0 X86 64
- SuSE Novell Linux Desktop 9.0.0
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 9
- SuSE SuSE Linux Openexchange Server 4.0.0
- SuSE SUSE LINUX Retail Solution 8.0.0
- SuSE SuSE Linux School Server for i386
- SuSE SuSE Linux Standard Server 8.0.0
References
- BugTraq: 14977
- CVE: CVE-2005-2917