Squid 3.5.x < 3.5.23 / 4.0.x < 4.0.17 Multiple Information Disclosure

low Nessus Network Monitor Plugin ID 9858

Synopsis

The remote proxy server is affected by multiple information disclosure attack vectors.

Description

Versions of Squid 4.0.x prior to 4.0.17 and 3.5.x prior to 3.5.18 are affected by multiple vulnerabilities:

- A flaw exists in the collapsed forwarding functionality in 'client_side_reply.cc': request headers are not properly compared, which can cause Squid to deliver responses containing private data to clients that should not have received them. This may allow a remote attacker to gain access to potentially sensitive information from other sessions.
- A flaw exists in 'client_side_reply.cc' that is triggered during the handling of HTTP conditional requests. This may allow a remote attacker to gain access to potentially sensitive information from other sessions.

Solution

Upgrade to Squid version 4.0.17 or later. If 4.0.x versions cannot be obtained, version 3.5.23 is also patched for these vulnerabilities.

See Also

http://www.squid-cache.org/Advisories/SQUID-2016_11.txt

http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_10_a.patch

http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14127.patch

http://www.squid-cache.org/Versions/v4/changesets/squid-4-14956.patch

Plugin Details

Severity: Low

ID: 9858

Family: Web Servers

Published: 1/9/2017

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Low

Base Score: 3.7

Temporal Score: 3.6

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:squid-cache:squid

Patch Publication Date: 12/16/2016

Vulnerability Publication Date: 12/16/2016

Reference Information

CVE: CVE-2016-10002, CVE-2016-10003