SB2020063011 - Multiple vulnerabilities in Squid

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Resource management error (CVE-ID: CVE-2020-14059)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect synchronization when processing objects in an SMP cache. A remote client trigger a Squid worker assertion and perform a denial of service (DoS) attack.

This attack is limited to SMP Squids using shared memory cache and/or an SMP rock disk cache.

2) Exposed dangerous method or function (CVE-ID: CVE-2020-14058)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to usage of potentially dangerous function when processing TLS certificates. A remote client can perform a denial of service attack when opening TLS connections.

3) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2020-15049)

The vulnerability allows a remote attacker to perform cache poisoning attack.

The vulnerability exists in the way Squid processes client's requests. A remote client can send specially crafted data in the request to perform request smuggling and poison the HTTP cache contents with crafted HTTP(S) request messages.

Successful exploitation of the vulnerability requires an upstream server to participate in the smuggling and generate the poison response sequence.

Remediation

Install update from vendor's website.

References

• https://github.com/squid-cache/squid/security/advisories/GHSA-w7pw-2m4p-58hr
• https://github.com/squid-cache/squid/security/advisories/GHSA-qvf6-485q-vm57
• https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5