[squid-users] SQUID 6.10 vulnerabilities

Tue Aug 27 18:45:58 UTC 2024

On 19.08.24 11:37, Guy Tzudkevitz wrote:
>I'm running Squid on Ubuntu 22.04
>I ran a vulnerability scan on this server and got a result from the vendor that this version is vulnerable. See. Is there any way to fix it?

Ubuntu package developers and/or security team usually fix those bugs 
without raising version numbers.

these scanners usually use the version number reported by squid while 
knowing that the vulnerability may be fixed.

They often even notice you about it in scan results.

you can check if the particular bug is fixed in Ubuntu version on:
https://ubuntu.com/security/cves

e.g.
https://ubuntu.com/security/cves?q=&package=squid&version=jammy

>Vulnerability Details
>Name
>Squid Multiple 0-Day Vulnerabilities (Oct 2023)
>Found On
>X.X.X.X
>Insight
>
>The following flaws have been reported in 2021 to the vendor and seems to be not fixed yet:
> - Use-After-Free in TRACE Requests
> - X-Forwarded-For Stack Overflow
> - Chunked Encoding Stack Overflow
> - Use-After-Free in Cache Manager Errors
> - Memory Leak in HTTP Response Parsing
> - Memory Leak in ESI Error Processing
> - 1-Byte Buffer OverRead in RFC 1123 date/time Handling GHSA-8w9r-p88v-mmx9
> - One-Byte Buffer OverRead in HTTP Request Header Parsing
> - strlen(NULL) Crash Using Digest Authentication GHSA-254c-93q9-cp53
> - Assertion in ESI Header Handling
> - Gopher Assertion Crash
> - Whois Assertion Crash
> - RFC 2141 / 2169 (URN) Assertion Crash
> - Assertion in Negotiate/NTLM Authentication Using Pipeline Prefetching
> - Assertion on IPv6 Host Requests with
> --disable-ipv6
> - Assertion Crash on Unexpected 'HTTP/1.1 100 Continue' Response Header
> - Pipeline Prefetch Assertion With Double 'Expect:100-continue' Request Headers
> - Pipeline Prefetch Assertion With Invalid Headers
> - Assertion Crash in Deferred Requests
> - Assertion in Digest Authentication
> - FTP Authentication Crash
> - Assertion Crash In HTTP Response Headers Handling
> - Implicit Assertion in Stream Handling
> - Use-After-Free in ESI 'Try' (and 'Choose') Processing
> - Use-After-Free in ESI Expression Evaluation
> - Buffer Underflow in ESI GHSA-wgvf-q977-9xjg
> - Assertion in Squid 'Helper' Process Creator GHSA-xggx-9329-3c27
> - Assertion Due to 0 ESI 'when' Checking GHSA-4g88-277m-q89r
> - Assertion Using ESI's When Directive GHSA-4g88-277m-q89r
> - Assertion in ESI Variable Assignment (String)
> - Assertion in ESI Variable Assignment
> - Null Pointer Dereference In ESI's esi:include and esi:when Note: Various GHSA advisories have been provided by the security researcher but are not published / available yet.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.