Check Point Advisories

Preemptive Protection against Squid HTTP Version Number Parsing Denial of Service

Check Point Reference: CPAI-2009-047
Date Published: 15 Jan 2009
Severity: High
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory: SA33731
Industry Reference: CVE-2009-0478
Protection Provided by:
Who is Vulnerable? Squid 2.x
Squid 3.x
Vulnerability Description: A denial of service vulnerability was reported in the Squid proxy server. The Squid proxy server is a popular open source Internet proxy and web caching application. The vulnerability is due to inappropriate parsing of the version number when processing malformed HTTP requests. Remote unauthenticated attackers can exploit this vulnerability by sending specially crafted HTTP request packets to an affected system. Successful exploitation may cause the service to terminate.
Update/Patch Available: Vendor's patching information:
http://www.squid-cache.org/Advisories/SQUID-2009_1.txt
Vulnerability Details: The vulnerability is due to a logical error while parsing the version number of the HTTP protocol in an HTTP request. Remote attackers can exploit this vulnerability by sending a specially crafted HTTP request with an overly large protocol version to the target.
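
A request-line check of the kind an inspection layer in front of the proxy could apply to the condition described above. This is an added example, not Check Point's or Squid's code; the single-digit bound, the verdict names and the sample lines are assumptions chosen for illustration, not the value at which Squid fails.

```python
import re

# Assumed policy, not taken from the advisory: versions seen in practice are
# single-digit (HTTP/1.0, HTTP/1.1), so larger values are treated as anomalous.
MAX_MAJOR = 9
MAX_MINOR = 9

VERSION_RE = re.compile(rb"HTTP/(\d+)\.(\d+)")


def _within(digits: bytes, limit: int) -> bool:
    """Bound-check a digit string without converting arbitrarily long input."""
    stripped = digits.lstrip(b"0") or b"0"
    if len(stripped) > len(str(limit)):
        return False  # too many significant digits; skip int() entirely
    return int(stripped) <= limit


def classify_request_line(line: bytes) -> str:
    """Return a verdict for one raw HTTP request line."""
    parts = line.rstrip(b"\r\n").split(b" ")
    if len(parts) == 2:
        return "no-version"  # HTTP/0.9-style simple request
    if len(parts) != 3:
        return "malformed-request-line"
    match = VERSION_RE.fullmatch(parts[2])
    if match is None:
        return "malformed-version"
    major, minor = match.groups()
    if not (_within(major, MAX_MAJOR) and _within(minor, MAX_MINOR)):
        return "oversized-version"
    return "ok"


def scan(lines):
    """Return (index, verdict) for every line that is not 'ok'."""
    verdicts = ((i, classify_request_line(l)) for i, l in enumerate(lines))
    return [(i, v) for i, v in verdicts if v != "ok"]


# Constructed sample input, not captured traffic.
SAMPLE = [
    b"GET http://example.com/ HTTP/1.1\r\n",
    b"GET /index.html\r\n",
    b"GET / HTTP/1.x\r\n",
    b"GET / HTTP/1." + b"9" * 20 + b"\r\n",
    b"GET / HTTP/" + b"7" * 5000 + b".0\r\n",
]
```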

Protection Overview
