SB2022100636 - SUSE update for squid 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022100636

SB2022100636 - SUSE update for squid

Published: October 6, 2022

Security Bulletin ID SB2022100636
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Improper access control (CVE-ID: CVE-2022-41317)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to inconsistent handling of internal URIs. A remote authenticated proxy user can bypass the manager ACL protection and access cache manager information, which includes records of internal network structure, client credentials, client identity and client traffic behavior.


2) Out-of-bounds read (CVE-ID: CVE-2022-41318)

The vulnerability allows a remote attacker to gain access to potentially sensitive information or crash the server.

The vulnerability exists due to a boundary condition within SSPI and SMB authentication helpers. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system or crash the server.

Successful exploitation of the vulnerability requires that Squid is configured to use NTLM or Negotiate authentication with one of the vulnerable helpers.


Remediation

Install update from vendor's website.

References