SB2024070140 - Ubuntu update for squid3

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024070140

SB2024070140 - Ubuntu update for squid3

Published: July 1, 2024

Security Bulletin ID SB2024070140
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2021-28651)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when resolving "urn:" resource identifiers. A remote attacker can trick a user behind the proxy server to click on a specially crafted "urn:" link that leads to a server under attacker's control and force Squid to consume arbitrarily large amounts of memory on the server. 


2) Out-of-bounds read (CVE-ID: CVE-2022-41318)

The vulnerability allows a remote attacker to gain access to potentially sensitive information or crash the server.

The vulnerability exists due to a boundary condition within SSPI and SMB authentication helpers. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system or crash the server.

Successful exploitation of the vulnerability requires that Squid is configured to use NTLM or Negotiate authentication with one of the vulnerable helpers.


3) Out-of-bounds read (CVE-ID: CVE-2023-49285)

The vulnerability allows a remote attacker perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when handling HTTP messages. A remote attacker can send specially crafted data to the server, trigger an out-of-bounds read error and crash the proxy server.


4) Unchecked Return Value (CVE-ID: CVE-2023-49286)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect check of function return value in Helper process management. A remote attacker can pass specially crafted data to the proxy server and perform a denial of service (DoS) attack.


5) Uncontrolled Recursion (CVE-ID: CVE-2023-50269)

The vulnerability allows a remote client to perform a denial of service (DoS) attack.

The vulnerability exists due to uncontrolled recursion when parsing HTTP requests. A remote client can send a specially crafted HTTP request with the a large X-Forwarded-For header, when the follow_x_forwarded_for feature is configured, and perform a denial of service (DoS) attack.


6) Input validation error (CVE-ID: CVE-2024-25617)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of HTTP headers. A remote attacker can send a specially crafted HTTP request to the server and perform a denial of service (DoS) attack.

Successful exploitation of the vulnerability requires that the request_header_max_size or reply_header_max_size settings are
unchanged from the default.


Remediation

Install update from vendor's website.

References