Signature Detail
Short Name |
APP:PROXY:SQUID-WCCP-DOS |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
APP |
Keywords |
SQUID WCCP Message Denial of Service |
Release Date |
2005/07/25 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: SQUID WCCP Message Denial of Service
This signature detects invalid WCCP "I_SEE_YOU" messages sent to a Squid proxy server. A malicious user can send an invalid WCC message and cause the Squid process to crash.
Extended Description
A remote denial-of-service vulnerability affects the Web Cache Communication Protocol (WCCP) functionality of Squid Proxy. This issue is due to the application's failure to handle unexpected network data. A remote attacker may leverage this issue to crash the affected Squid Proxy, denying service to legitimate users. UPDATE: This issue was thought to result from a call to the 'recvfrom()' function. This has turned out to be incorrect; the buffer overflow from the call to 'recvfrom()' has been determined to be a new vulnerability (BID 12432).
Affected Products
- Astaro Security Linux 2.0.0 16
- Astaro Security Linux 2.0.0 23
- Astaro Security Linux 2.0.0 24
- Astaro Security Linux 2.0.0 25
- Astaro Security Linux 2.0.0 26
- Astaro Security Linux 2.0.0 27
- Astaro Security Linux 2.0.0 30
- Astaro Security Linux 3.2.0 00
- Astaro Security Linux 3.2.0 10
- Astaro Security Linux 3.2.0 11
- Astaro Security Linux 3.2.0 12
- Astaro Security Linux 3.2.0 15
- Astaro Security Linux 3.2.0 16
- Astaro Security Linux 3.217.0
- Astaro Security Linux 4.0.0 08
- Astaro Security Linux 4.0.0 16
- Conectiva Linux 10.0.0
- Conectiva Linux 9.0.0
- Debian Linux 3.0.0 Alpha
- Debian Linux 3.0.0 Arm
- Debian Linux 3.0.0 Hppa
- Debian Linux 3.0.0 Ia-32
- Debian Linux 3.0.0 Ia-64
- Debian Linux 3.0.0 M68k
- Debian Linux 3.0.0 Mips
- Debian Linux 3.0.0 Mipsel
- Debian Linux 3.0.0 Ppc
- Debian Linux 3.0.0 S/390
- Debian Linux 3.0.0 Sparc
- Red Hat Fedora Core1
- Red Hat Fedora Core2
- Red Hat Linux 7.3.0 I386
- Red Hat Linux 9.0.0 I386
- SGI ProPack 3.0.0
- Squid Web Proxy Cache 2.0.0 PATCH2
- Squid Web Proxy Cache 2.1.0 PATCH2
- Squid Web Proxy Cache 2.3.0 .STABLE4
- Squid Web Proxy Cache 2.3.0 .STABLE5
- Squid Web Proxy Cache 2.4.0
- Squid Web Proxy Cache 2.4.0 .STABLE2
- Squid Web Proxy Cache 2.4.0 .STABLE6
- Squid Web Proxy Cache 2.4.0 .STABLE7
- Squid Web Proxy Cache 2.5.0 .STABLE1
- Squid Web Proxy Cache 2.5.0 .STABLE3
- Squid Web Proxy Cache 2.5.0 .STABLE4
- Squid Web Proxy Cache 2.5.0 .STABLE5
- Squid Web Proxy Cache 2.5.0 .STABLE6
- Squid Web Proxy Cache 2.5.0 .STABLE7
- SuSE Linux 8.0.0
- SuSE Linux 8.0.0 i386
- SuSE Linux 8.1.0
- SuSE Linux Personal 8.2.0
- SuSE Linux Personal 9.0.0
- SuSE Linux Personal 9.0.0 X86 64
- SuSE Linux Personal 9.1.0
- SuSE Linux Personal 9.2.0
- Trustix Secure Enterprise Linux 2.0.0
- Trustix Secure Linux 1.5.0
- Trustix Secure Linux 2.1.0
- Trustix Secure Linux 2.2.0
- Ubuntu Ubuntu Linux 4.1.0 Ia32
- Ubuntu Ubuntu Linux 4.1.0 Ia64
- Ubuntu Ubuntu Linux 4.1.0 Ppc
References