Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2019-18679 |
CWE-ID | CWE-200 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
squid (Alpine package) Operating systems & Components / Operating system package or component |
Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU22589
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-18679
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to incorrect data management when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer which sits within heap memory allocation. This allows a remote attacker to gain knowledge of memory allocations and bypass ASLR protection and help in exploitation of other vulnerabilities.
MitigationInstall update from vendor's website.
Vulnerable software versionssquid (Alpine package): 3.2.2-r0 - 3.5.27-r3
External linkshttp://git.alpinelinux.org/aports/commit/?id=3db264c1978654cc19d61a5feaf1b0ee54e0a85b
http://git.alpinelinux.org/aports/commit/?id=225360732093a00d6a58a6e626b26e6794a4739c
http://git.alpinelinux.org/aports/commit/?id=a4301166888c0e2c8a72be8e5d3ec1747a6ab6bf
http://git.alpinelinux.org/aports/commit/?id=a2e4a10786598b2f40879a608a3090b4f1242065
http://git.alpinelinux.org/aports/commit/?id=e669c04c87f3b6f9826273154aebe26e89d75dc8
http://git.alpinelinux.org/aports/commit/?id=49fa120aba707913031864610f9f1e8c9611cc06
http://git.alpinelinux.org/aports/commit/?id=9655dce42705c52e44b4db28575cc7e05835bdc9
http://git.alpinelinux.org/aports/commit/?id=c960394d423ce258a68bf53364ae13b6e331d8fe
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.