#VU67609 Out-of-bounds read in Squid


Published: 2022-09-23 | Updated: 2022-10-20

Vulnerability identifier: #VU67609

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-41318

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Squid
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor: Squid-cache.org

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information or crash the server.

The vulnerability exists due to a boundary condition within SSPI and SMB authentication helpers. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system or crash the server.

Successful exploitation of the vulnerability requires that Squid is configured to use NTLM or Negotiate authentication with one of the vulnerable helpers.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Squid: 5.0 - 5.6, 4.0 - 4.17, 3.0 - 3.5.28, 2.7 - 2.7.STABLE9, 2.5 - 2.5_stable9

External links
http://seclists.org/oss-sec/2022/q3/231

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Amazon Linux AMI update for squid
CentOS 7 update for squid
Multiple vulnerabilities in Oracle Linux
Debian update for squid
SUSE update for squid
Red Hat Enterprise Linux 9 update for squid
SUSE update for squid
SUSE update for squid
SUSE update for squid
Red Hat Enterprise Linux 7 update for squid