
Test ID: 1.3.6.1.4.1.25623.1.0.100439
Category: Web Servers
Title: Squid Multiple 0-Day Vulnerabilities (Oct 2023)
Summary: Squid is prone to multiple zero-day (0-day) vulnerabilities.
Description: Summary:
Squid is prone to multiple zero-day (0-day) vulnerabilities.

Vulnerability Insight:
The following flaws were reported to the vendor in 2021 and
appear not to have been fixed yet:

- One-Byte Buffer OverRead in HTTP Request Header Parsing

- strlen(NULL) Crash Using Digest Authentication GHSA-254c-93q9-cp53

- Gopher Assertion Crash

- Whois Assertion Crash

- RFC 2141 / 2169 (URN) Assertion Crash

- Assertion in Negotiate/NTLM Authentication Using Pipeline Prefetching

- Assertion on IPv6 Host Requests with --disable-ipv6

- Assertion Crash on Unexpected 'HTTP/1.1 100 Continue' Response Header

- Pipeline Prefetch Assertion With Double 'Expect:100-continue' Request Headers

- Pipeline Prefetch Assertion With Invalid Headers

- Assertion Crash in Deferred Requests

- Assertion in Digest Authentication

- FTP Authentication Crash

- Assertion Crash In HTTP Response Headers Handling

- Implicit Assertion in Stream Handling

Note: One GHSA advisory has been provided by the security researcher but is not published /
available yet.

Affected Software/OS:
As of 10/2024 the situation regarding the versions affected by the
previously listed vulnerabilities is largely unclear (the security researcher only stated that all
vulnerabilities were discovered in squid-5.0.5, and the vendor has only published a few advisories so
far).

Due to this unclear situation, all Squid versions are currently assumed to be vulnerable to the not
yet fixed flaws.

Solution:
No known solution was made available for at least one year
since the disclosure of this vulnerability. Likely none will be provided anymore. General solution
options are to upgrade to a newer release, disable respective features, remove the product or
replace the product by another one.

Notes:

- It seems that some of the flaws could be mitigated by workarounds (listed in the referenced
GitHub Gist), either via configuration changes and/or by disabling some features / functionality
of Squid at build time.

- If only these workarounds have been applied and the risk is accepted that they
might not fully mitigate the relevant flaw(s), please create an override for this result.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Copyright: Copyright (C) 2023 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.