| Plugin ID | 321 |
| Plugin name | Squid prior 2.5.STABLE7 Web Proxy Cache Remote Denial of Service Vulnerability |
| Plugin filename | Squid prior 2.5.STABLE7 Web Proxy Cache Remote Denial of Service Vulnerability.plugin |
| Plugin filesize | 2670 bytes |
| Plugin family | Denial of Service |
| Plugin created name | David Nester |
| Plugin created email | david at icrew dot org |
| Plugin created web | http://www.icrew.org |
| Plugin created company | iCrew Security |
| Plugin created date | 2004/12/5 |
| Plugin version | 1.1 |
| Plugin protocol | tcp |
| Plugin port | 3128 |
| Plugin procedure detection | open|send HEAD / HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *squid/2.5.STABLE* |
| Plugin detection accuracy | 80 |
| Plugin comment | This plugin was written with the ATK Attack Editor. |
| Bug published name | Anonymous |
| Bug published web | |
| Bug published date | 2004/10/11 |
| Bug produced name | Squid Web Proxy |
| Bug produced web | http://www.squid-cache.org/ |
| Bug not affected | Other versions or solutions |
| Bug vulnerability class | Denial Of Service |
| Bug description | Squid is a popular Unix-based web proxy. A denial of service condition has been disclosed in the SNMP component of Squid that could allow a remote attacker to crash the service by sending a malicious UDP packet. The problem occurs in the code that parses ASN.1 data. Due to a programming error, it is possible under certain circumstances to pass a negative value for a field length specifier, causing the service to abort. Note that Squid must be compiled with SNMP support to be vulnerable. |
| Bug solution | Download the latest release from the vendor. http://www.squid-cache.org/ |
| Bug fixing time | Approx. 2 hours |
| Bug exploit availability | No |
| Bug remote | Yes |
| Bug local | No |
| Bug severity | Low |
| Bug popularity | 1 |
| Bug simplicity | 2 |
| Bug impact | 7 |
| Bug risk | 2 |
| Source CVE | CAN-2004-0918 |
| Source ISS X-Force ID | 17688 |
| Source RedHat Security Advisory ID | RHSA-2004-591 |
| Source Literature | Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X |
| Source Misc. | http://www.squid-cache.org/ |