SB2020063011 - Multiple vulnerabilities in Squid
Published: June 30, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Resource management error (CVE-ID: CVE-2020-14059)
CWE-ID: CWE-399 - Resource Management Errors
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect synchronization when processing objects in an SMP cache. A remote client trigger a Squid worker assertion and perform a denial of service (DoS) attack.
This attack is limited to SMP Squids using shared memory cache and/or an SMP rock disk cache.
2) Exposed dangerous method or function (CVE-ID: CVE-2020-14058)
CWE-ID: CWE-749 - Exposed Dangerous Method or Function
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to usage of potentially dangerous function when processing TLS certificates. A remote client can perform a denial of service attack when opening TLS connections.
3) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2020-15049)
CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform cache poisoning attack.
The vulnerability exists in the way Squid processes client's requests. A remote client can send specially crafted data in the request to perform request smuggling and poison the HTTP cache contents with crafted HTTP(S) request messages.
Successful exploitation of the vulnerability requires an upstream server to participate in the smuggling and generate the poison response sequence.
Remediation
Install update from vendor's website.