CVE-2019-12526: Squid Buffer Overflow Vulnerability Alert

Squid is a caching and forwarding HTTP web proxy. It has a wide variety of uses, including speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources, and aiding security by filtering traffic. Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including Internet Gopher, SSL, TLS, and HTTPS. Squid does not support the SOCKS protocol, unlike Privoxy, with which Squid can be used in order to provide SOCKS support.

On November 5, 2019, Squid officially disclosed a buffer overflow vulnerability. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP request to the target server, which could result in remote code execution. The vulnerability is tracked as CVE-2019-12526.

Affected versions

Squid 2.x is not affected

Squid 3.x to 3.5.28 is affected

Squid 4.x to 4.8 is affected

Solution

The Squid project has fixed this vulnerability in Squid 4.9; users can update to this version.

You can also mitigate this vulnerability as follows:

Deny urn: protocol URIs from being proxied for all clients:

acl URN proto URN
http_access deny URN
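
Squid evaluates http_access lines top to bottom and applies the first match, so the deny rule only helps if it comes before any allow rule. The following Python check is an added example, not part of the original alert or of Squid's own tooling: it tests a version string against the affected ranges listed above and verifies that a squid.conf text denies URN before any allow. The function names and sample configs are constructed for illustration, and the range end points are assumed to be inclusive.

```python
import re

# Constructed sample configs (not from a real deployment).
SAMPLE_MITIGATED = """\
acl localnet src 10.0.0.0/8
acl URN proto URN
http_access deny URN
http_access allow localnet
http_access deny all
"""
SAMPLE_UNMITIGATED = """\
acl localnet src 10.0.0.0/8
acl URN proto URN
http_access allow localnet
http_access deny URN    # too late: localnet clients were already allowed
http_access deny all
"""

def is_affected(version: str) -> bool:
    """Ranges as listed in this alert: 3.x to 3.5.28 and 4.x to 4.8
    (end points assumed inclusive). Anything else is reported as not listed."""
    nums = tuple(int(n) for n in re.findall(r"\d+", version)[:3])
    nums += (0,) * (3 - len(nums))
    if nums[0] == 3:
        return nums <= (3, 5, 28)
    if nums[0] == 4:
        return nums[:2] <= (4, 8)
    return False

def urn_denied(conf_text: str) -> bool:
    """True if an unconditional 'http_access deny <acl>' on a 'proto URN'
    ACL appears before any http_access allow rule (conservative check)."""
    urn_acls = set()
    for raw in conf_text.splitlines():
        tok = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if len(tok) >= 4 and tok[0] == "acl" and tok[2] == "proto":
            if "URN" in tok[3:]:
                urn_acls.add(tok[1])
        elif len(tok) >= 3 and tok[0] == "http_access":
            if tok[1] == "allow":
                return False                 # an allow is reached first
            if tok[1] == "deny" and len(tok) == 3 and tok[2] in urn_acls:
                return True
    return False

if __name__ == "__main__":
    for name, conf in (("mitigated", SAMPLE_MITIGATED), ("unmitigated", SAMPLE_UNMITIGATED)):
        print(name, "-> URN denied first:", urn_denied(conf))
```

The check is deliberately conservative: it reports a config as unmitigated whenever any allow rule precedes the URN deny, even if that allow would not match every client.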