Gentoo update for Squid
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2019-12526 CVE-2019-12528 CVE-2019-18678 CVE-2019-18679 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 |
| CWE-ID | CWE-122 CWE-125 CWE-444 CWE-200 CWE-20 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Gentoo Linux Operating systems & Components / Operating system |
| Vendor | Gentoo |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU22585
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2019-12526
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing URN requests. A remote attacker can send specially crafted request to the Squid client, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
net-proxy/squid to version: 4.10
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/202003-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU25019
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-12528
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when translating FTP server listing into HTTP responses. A remote attacker can trick the victim into vising a specially crafted FTP server, trigger out-of-bounds read and gain access to memory contents of the heap.
MitigationUpdate the affected packages.
net-proxy/squid to version: 4.10
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/202003-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU22587
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-18678
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP request smuggling attack.
The vulnerability exists due to insufficient validation of HTTP request headers in Squid. A remote attacker can initiate a specially crafted HTTP request that will cause the software to split HTTP request and display to the end user content, controlled by the attacker at arbitrary URL.
MitigationUpdate the affected packages.
net-proxy/squid to version: 4.10
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/202003-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU22589
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-18679
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to incorrect data management when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer which sits within heap memory allocation. This allows a remote attacker to gain knowledge of memory allocations and bypass ASLR protection and help in exploitation of other vulnerabilities.
MitigationUpdate the affected packages.
net-proxy/squid to version: 4.10
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/202003-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU25017
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-8449
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied input when processing HTTP requests. A remote attacker can send a specially crafted HTTP request, bypass configured security filters and gain access to certain server resources.
Update the affected packages.
net-proxy/squid to version: 4.10
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/202003-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU25018
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-8450
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTTP requests, when Squid is acting as a reverse proxy. A remote attacker can send a specially crafted HTTP request to the affected proxy server, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
net-proxy/squid to version: 4.10
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/202003-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU25020
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-8517
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error in the NTLM authentication credentials parser in ext_lm_group_acl. A remote attacker can send a specially crafted HTTP request to the affected proxy server, trigger memory corruption and perform a denial of service attack.
Update the affected packages.
net-proxy/squid to version: 4.10
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/202003-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
