Ubuntu update for squid3
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2021-28651 CVE-2022-41318 CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 CVE-2024-25617 |
| CWE-ID | CWE-20 CWE-125 CWE-252 CWE-674 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Ubuntu Operating systems & Components / Operating system squid3 (Ubuntu package) Operating systems & Components / Operating system package or component squid (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU53017
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28651
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when resolving "urn:" resource identifiers. A remote attacker can trick a user behind the proxy server to click on a specially crafted "urn:" link that leads to a server under attacker's control and force Squid to consume arbitrarily large amounts of memory on the server.
MitigationUpdate the affected package squid3 to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
squid3 (Ubuntu package): before Ubuntu Pro
squid (Ubuntu package): before Ubuntu Pro (Infra-only)
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-6857-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU67609
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-41318
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or crash the server.
The vulnerability exists due to a boundary condition within SSPI and SMB authentication helpers. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system or crash the server.
Successful exploitation of the vulnerability requires that Squid is configured to use NTLM or Negotiate authentication with one of the vulnerable helpers.
Update the affected package squid3 to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
squid3 (Ubuntu package): before Ubuntu Pro
squid (Ubuntu package): before Ubuntu Pro (Infra-only)
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-6857-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU83629
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-49285
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when handling HTTP messages. A remote attacker can send specially crafted data to the server, trigger an out-of-bounds read error and crash the proxy server.
Update the affected package squid3 to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
squid3 (Ubuntu package): before Ubuntu Pro
squid (Ubuntu package): before Ubuntu Pro (Infra-only)
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-6857-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Unchecked Return Value
EUVDB-ID: #VU83628
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-49286
CWE-ID:
CWE-252 - Unchecked Return Value
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect check of function return value in Helper process management. A remote attacker can pass specially crafted data to the proxy server and perform a denial of service (DoS) attack.
Update the affected package squid3 to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
squid3 (Ubuntu package): before Ubuntu Pro
squid (Ubuntu package): before Ubuntu Pro (Infra-only)
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-6857-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Uncontrolled Recursion
EUVDB-ID: #VU84442
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-50269
CWE-ID:
CWE-674 - Uncontrolled Recursion
Exploit availability: No
DescriptionThe vulnerability allows a remote client to perform a denial of service (DoS) attack.
The vulnerability exists due to uncontrolled recursion when parsing HTTP requests. A remote client can send a specially crafted HTTP request with the a large X-Forwarded-For header, when the follow_x_forwarded_for feature is configured, and perform a denial of service (DoS) attack.
Update the affected package squid3 to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
squid3 (Ubuntu package): before Ubuntu Pro
squid (Ubuntu package): before Ubuntu Pro (Infra-only)
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-6857-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU86547
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25617
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of HTTP headers. A remote attacker can send a specially crafted HTTP request to the server and perform a denial of service (DoS) attack.
Successful exploitation of the vulnerability requires that the request_header_max_size or reply_header_max_size settings are
unchanged from the default.
Update the affected package squid3 to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
squid3 (Ubuntu package): before Ubuntu Pro
squid (Ubuntu package): before Ubuntu Pro (Infra-only)
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-6857-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
