Friday Squid Blogging: Vulnerabilities in Squid Server

It’s always nice when I can combine squid and security:

Multiple versions of the Squid web proxy cache server built with Basic Authentication features are currently vulnerable to code execution and denial-of-service (DoS) attacks triggered by the exploitation of a heap buffer overflow security flaw.

The vulnerability present in Squid 4.0.23 through 4.7 is caused by incorrect buffer management which renders vulnerable installations to “a heap overflow and possible remote code execution attack when processing HTTP Authentication credentials.”

“When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data,” says MITRE’s description of the vulnerability. “Squid does not check that the decoded length isn’t greater than the buffer, leading to a heap-based buffer overflow with user controlled data.”

The flaw was patched by the web proxy’s development team with the release of Squid 4.8 on July 9.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

CONTACT US

832-251-6600 | 855-524-9778
LCG, LLC
11767 Katy Freeway, Suite 515
Houston, TX 77079

Privacy Policy
Sitemap

WHY CHOOSE LCG?

Our Clients hire us because we provide honest advice, excellent customer service, and winning solutions based on experience. The best way to find out how we can help you is to call us.

Copyright 2008-2019. LCG Discovery Experts, LLC d/b/a LCG, LLC. All Rights Reserved