Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:PROXY:SQUID-SQSN-HDR-POISN |
|---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Squid Squoison Host Header Cache Poisoning |
Release Date |
2016/06/28 |
Update Number |
2749 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Squid Squoison Host Header Cache Poisoning
This signature detects attempts to exploit a known vulnerability against Squid proxy when configured as a transparent proxy which makes version 3.5.12 vulnerable. Attackers can cause the Squid proxy's cache to become poisoned with the attacker's chosen content.
Extended Description
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
Affected Products
- Canonical ubuntu_linux 12.04
- Canonical ubuntu_linux 14.04
- Canonical ubuntu_linux 15.10
- Canonical ubuntu_linux 16.04
- Oracle linux 7
- Squid-cache squid 3.5.17
- Squid-cache squid 4.0.1
- Squid-cache squid 4.0.2
- Squid-cache squid 4.0.3
- Squid-cache squid 4.0.4
- Squid-cache squid 4.0.5
- Squid-cache squid 4.0.6
- Squid-cache squid 4.0.7
- Squid-cache squid 4.0.8
- Squid-cache squid 4.0.9
References
- CVE: CVE-2016-4553