Squid prior 2.5.STABLE7 Web Proxy Cache Remote Denial of Service Vulnerability 1.1
 
Plugin ID: 321
Plugin name: Squid prior 2.5.STABLE7 Web Proxy Cache Remote Denial of Service Vulnerability
Plugin filename: Squid prior 2.5.STABLE7 Web Proxy Cache Remote Denial of Service Vulnerability.plugin
Plugin filesize: 2670 bytes
Plugin family: Denial of Service
Plugin created name: David Nester
Plugin created email: david at icrew dot org
Plugin created web: http://www.icrew.org
Plugin created company: iCrew Security
Plugin created date: 2004/12/5
Plugin version: 1.1
Plugin protocol: tcp
Plugin port: 3128
Plugin procedure detection: open|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *squid/2.5.STABLE*
Plugin detection accuracy: 80
Plugin comment: This plugin was written with the ATK Attack Editor.
Bug published name: Anonymous
Bug published web:
Bug published date: 2004/10/11
Bug produced name: Squid Web Proxy
Bug produced web: http://www.squid-cache.org/
Bug not affected: Other versions or solutions
Bug vulnerability class: Denial Of Service
Bug description: Squid is a popular Unix-based web proxy. A denial of service condition has been disclosed in the SNMP component of Squid that could allow a remote attacker to crash the service by sending a malicious UDP packet. The problem occurs in the code that parses ASN.1 data. Due to a programming error, it is possible under certain circumstances to pass a negative value for a field length specifier, causing the service to abort. Note that Squid must be compiled with SNMP support to be vulnerable.
Bug solution: Download the latest release from the vendor. http://www.squid-cache.org/
Bug fixing time: Approx. 2 hours
Bug exploit availability: No
Bug remote: Yes
Bug local: No
Bug severity: Low
Bug popularity: 1
Bug simplicity: 2
Bug impact: 7
Bug risk: 2
Source CVE: CAN-2004-0918
Source ISS X-Force ID: 17688
Source RedHat Security Advisory ID: RHSA-2004-591
Source Literature: Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X
Source Misc.: http://www.squid-cache.org/

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.