what you don't know can hurt you
Showing 1 - 3 of 3 RSS Feed

CVE-2019-12524

Status Candidate

Overview

An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.

Related Files

Red Hat Security Advisory 2020-4743-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4743-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow, bypass, cross site request forgery, denial of service, heap overflow, information leakage, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2019-12520, CVE-2019-12521, CVE-2019-12523, CVE-2019-12524, CVE-2019-12526, CVE-2019-12528, CVE-2019-12529, CVE-2019-12854, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860, CVE-2020-14058, CVE-2020-15049, CVE-2020-24606, CVE-2020-8449, CVE-2020-8450
MD5 | 9d6e01336e2e2755764b1fc2058759d5
Ubuntu Security Notice USN-4446-2
Posted Aug 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4446-2 - USN-4446-1 fixed vulnerabilities in Squid. The update introduced a regression when using Squid with the icap or ecap protocols. This update fixes the problem. Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks. Jeriko One discovered that Squid incorrectly handled URL decoding. A remote attacker could possibly use this issue to bypass certain rule checks. Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled input validation. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2019-12520, CVE-2019-12523, CVE-2019-12524, CVE-2019-18676
MD5 | 3ce54dac1a09ed855009027ca7b777d9
Ubuntu Security Notice USN-4446-1
Posted Aug 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4446-1 - Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-12520, CVE-2019-12523, CVE-2019-12524, CVE-2019-18676
MD5 | 0645410abcb063dfc2a9e47806b54c82
Page 1 of 1
Back1Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    28 Files
  • 23
    Sep 23rd
    13 Files
  • 24
    Sep 24th
    10 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close