openEuler 20.03 LTS SP1 update for squid
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2021-33620 CVE-2021-31806 CVE-2021-31808 CVE-2021-28662 CVE-2021-28651 CVE-2021-28652 |
| CWE-ID | CWE-20 CWE-190 CWE-401 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software Subscribe |
openEuler Operating systems & Components / Operating system squid-debugsource Operating systems & Components / Operating system package or component squid-debuginfo Operating systems & Components / Operating system package or component squid Operating systems & Components / Operating system package or component |
| Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU65362
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-33620
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote server to perform a denial of service (DoS) attack.
The vulnerability can be triggered by a header that can be expected to exist in HTTP traffic without any malicious intent by the server. A remote server can trigger the vulnerability and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1
squid-debugsource: before 4.9-8
squid-debuginfo: before 4.9-8
squid: before 4.9-8
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU53020
Risk: Medium
CVSSv3.1: 6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2021-31806
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote client to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when performing HTTP Range requests. A remote proxy client can send specially crafted HTTP request via the proxy server and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1
squid-debugsource: before 4.9-8
squid-debuginfo: before 4.9-8
squid: before 4.9-8
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
3) Integer overflow
EUVDB-ID: #VU53021
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31808
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote client to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when delivering responses from HTTP Range requests. A remote proxy client can send specially crafted HTTP request via the proxy server, force the server to initiate a necessary response, trigger integer overflow in Squid and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1
squid-debugsource: before 4.9-8
squid-debuginfo: before 4.9-8
squid: before 4.9-8
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU53018
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28662
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing HTTP responses. A remote attacker who controls a malicious web page can send specially crafted HTTP response and perform a denial of service attack against the proxy server. The issue trigger is a header which can be expected to exist in HTTP traffic without any malicious intent by the server.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1
squid-debugsource: before 4.9-8
squid-debuginfo: before 4.9-8
squid: before 4.9-8
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU53017
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28651
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when resolving "urn:" resource identifiers. A remote attacker can trick a user behind the proxy server to click on a specially crafted "urn:" link that leads to a server under attacker's control and force Squid to consume arbitrarily large amounts of memory on the server.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1
squid-debugsource: before 4.9-8
squid-debuginfo: before 4.9-8
squid: before 4.9-8
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Memory leak
EUVDB-ID: #VU53019
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28652
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote client to perform DoS attack on the target system.
The vulnerability exists due memory leak due to incorrect parser validation in Cache Manager API. A remote trusted client with Cache Manager API access privilege can perform denial of service attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1
squid-debugsource: before 4.9-8
squid-debuginfo: before 4.9-8
squid: before 4.9-8
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
