Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 7 |
CVE-ID | CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 |
CWE-ID | CWE-20 CWE-401 CWE-399 CWE-190 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #5 is available. |
Vulnerable software Subscribe |
Ubuntu Operating systems & Components / Operating system squid (Ubuntu package) Operating systems & Components / Operating system package or component |
Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
EUVDB-ID: #VU53017
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28651
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when resolving "urn:" resource identifiers. A remote attacker can trick a user behind the proxy server to click on a specially crafted "urn:" link that leads to a server under attacker's control and force Squid to consume arbitrarily large amounts of memory on the server.
MitigationUpdate the affected package squid to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 21.04
squid (Ubuntu package): before 4.13-1ubuntu4.1
External linkshttp://ubuntu.com/security/notices/USN-4981-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU53019
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28652
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote client to perform DoS attack on the target system.
The vulnerability exists due memory leak due to incorrect parser validation in Cache Manager API. A remote trusted client with Cache Manager API access privilege can perform denial of service attack.
MitigationUpdate the affected package squid to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 21.04
squid (Ubuntu package): before 4.13-1ubuntu4.1
External linkshttp://ubuntu.com/security/notices/USN-4981-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU53018
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28662
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing HTTP responses. A remote attacker who controls a malicious web page can send specially crafted HTTP response and perform a denial of service attack against the proxy server. The issue trigger is a header which can be expected to exist in HTTP traffic without any malicious intent by the server.
Update the affected package squid to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 21.04
squid (Ubuntu package): before 4.13-1ubuntu4.1
External linkshttp://ubuntu.com/security/notices/USN-4981-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU53020
Risk: Medium
CVSSv3.1: 6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2021-31806
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote client to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when performing HTTP Range requests. A remote proxy client can send specially crafted HTTP request via the proxy server and perform a denial of service (DoS) attack.
MitigationUpdate the affected package squid to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 21.04
squid (Ubuntu package): before 4.13-1ubuntu4.1
External linkshttp://ubuntu.com/security/notices/USN-4981-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
EUVDB-ID: #VU53599
Risk: Medium
CVSSv3.1: 7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2021-31807
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of memory within the application when processing HTTP Range header. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package squid to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 21.04
squid (Ubuntu package): before 4.13-1ubuntu4.1
External linkshttp://ubuntu.com/security/notices/USN-4981-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
EUVDB-ID: #VU53021
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31808
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote client to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when delivering responses from HTTP Range requests. A remote proxy client can send specially crafted HTTP request via the proxy server, force the server to initiate a necessary response, trigger integer overflow in Squid and perform a denial of service (DoS) attack.
MitigationUpdate the affected package squid to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 21.04
squid (Ubuntu package): before 4.13-1ubuntu4.1
External linkshttp://ubuntu.com/security/notices/USN-4981-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65362
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-33620
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote server to perform a denial of service (DoS) attack.
The vulnerability can be triggered by a header that can be expected to exist in HTTP traffic without any malicious intent by the server. A remote server can trigger the vulnerability and perform a denial of service (DoS) attack.
MitigationUpdate the affected package squid to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 21.04
squid (Ubuntu package): before 4.13-1ubuntu4.1
External linkshttp://ubuntu.com/security/notices/USN-4981-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.