Squid Invalid Version Numbers Parsing Denial of Service Vulnerability


Description   A vulnerability has been identified in Squid that could allow remote attackers to cause a denial of service. The issue is caused by an error when parsing invalid version numbers, which could allow a malicious client to cause a denial of service by sending a specially crafted request through a vulnerable server.
     
Vulnerable Products   Vulnerable Software:
Squid version 2.7.STABLE5 and prior
Squid version 3.0.STABLE12 and prior
Squid version 3.1.0.4 and prior
     
Solution   Upgrade to Squid version 2.7.STABLE6, 3.0.STABLE13, or 3.1.0.5: http://www.squid-cache.org/Download/
Apply patches for Squid 2.7:
http://www.squid-cache.org/Versions/v2/2.7/changesets/12432.patch
http://www.squid-cache.org/Versions/v2/2.7/changesets/12442.patch
Apply patches for Squid 3.0:
http://www.squid-cache.org/Versions/v3/3.0/changesets/b8964.patch
http://www.squid-cache.org/Versions/v3/3.0/changesets/b8965.patch
Apply patches for Squid 3.1:
http://www.squid-cache.org/Versions/v3/3.1/changesets/b9414.patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/b9418.patch
     
CVE   CVE-2009-0478
     
References   http://www.squid-cache.org/Advisories/SQUID-2009_1.txt
     
Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm: Invalid HTTP protocol
Available Since: 3.2.0
     
Risk level   Moderate

Vulnerability First Public Report Date   2009-02-04

Target Type   Client

Possible exploit   Local & Remote