Vulnerabilities > CVE-2005-1345 - Remote Security vulnerability in Squid
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-415.NASL description An updated squid package that fixes several security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A race condition bug was found in the way Squid handles the now obsolete Set-Cookie header. It is possible that Squid can leak Set-Cookie header information to other clients connecting to Squid. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0626 to this issue. Please note that this issue only affected Red Hat Enterprise Linux 4. A bug was found in the way Squid handles PUT and POST requests. It is possible for an authorised remote user to cause a failed PUT or POST request which can cause Squid to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0718 to this issue. A bug was found in the way Squid processes errors in the access control list. It is possible that an error in the access control list could give users more access than intended. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1345 to this issue. A bug was found in the way Squid handles access to the cachemgr.cgi script. It is possible for an authorised remote user to bypass access control lists with this flaw. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-1999-0710 to this issue. A bug was found in the way Squid handles DNS replies. If the port Squid uses for DNS requests is not protected by a firewall it is possible for a remote attacker to spoof DNS replies, possibly redirecting a user to spoofed or malicious content. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1519 to this issue. Additionally this update fixes the following bugs: - LDAP Authentication fails with an assertion error when using Red Hat Enterprise Linux 4 Users of Squid should upgrade to this updated package, which contains backported patches to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 18500 published 2005-06-16 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/18500 title RHEL 3 / 4 : squid (RHSA-2005:415) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-122-1.NASL description Michael Bhola discovered that errors in the http_access configuration, in particular missing or invalid ACLs, did not cause a fatal error. This could lead to wider access permissions than intended by the administrator. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 20511 published 2006-01-15 reporter Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20511 title Ubuntu 4.10 / 5.04 : squid vulnerability (USN-122-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-721.NASL description Michael Bhola discovered a bug in Squid, the popular WWW proxy cache. Squid does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator. last seen 2020-06-01 modified 2020-06-02 plugin id 18242 published 2005-05-11 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18242 title Debian DSA-721-1 : squid - design flaw NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-078.NASL description Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings. (CVE-2005-0194) Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies. (CVE-2005-0626) Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previosuly freed memory. (CVE-2005-0718) A bug in the way Squid processes errors in the access control list was also found. It is possible that an error in the access control list could give users more access than intended. (CVE-2005-1345) In addition, due to subtle bugs in the previous backported updates of squid (Bugzilla #14209), all the squid-2.5 versions have been updated to squid-2.5.STABLE9 with all the STABLE9 patches from the squid developers. The updated packages are patched to fix these problems. last seen 2020-06-01 modified 2020-06-02 plugin id 18171 published 2005-05-02 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18171 title Mandrake Linux Security Advisory : squid (MDKSA-2005:078) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2005-415.NASL description An updated squid package that fixes several security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A race condition bug was found in the way Squid handles the now obsolete Set-Cookie header. It is possible that Squid can leak Set-Cookie header information to other clients connecting to Squid. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0626 to this issue. Please note that this issue only affected Red Hat Enterprise Linux 4. A bug was found in the way Squid handles PUT and POST requests. It is possible for an authorised remote user to cause a failed PUT or POST request which can cause Squid to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0718 to this issue. A bug was found in the way Squid processes errors in the access control list. It is possible that an error in the access control list could give users more access than intended. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1345 to this issue. A bug was found in the way Squid handles access to the cachemgr.cgi script. It is possible for an authorised remote user to bypass access control lists with this flaw. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-1999-0710 to this issue. A bug was found in the way Squid handles DNS replies. If the port Squid uses for DNS requests is not protected by a firewall it is possible for a remote attacker to spoof DNS replies, possibly redirecting a user to spoofed or malicious content. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1519 to this issue. Additionally this update fixes the following bugs: - LDAP Authentication fails with an assertion error when using Red Hat Enterprise Linux 4 Users of Squid should upgrade to this updated package, which contains backported patches to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 21822 published 2006-07-03 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21822 title CentOS 3 / 4 : squid (CESA-2005:415)
Oval
| accepted | 2013-04-29T04:06:19.664-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||
| description | Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator. | ||||||||||||||||||||
| family | unix | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:10513 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
| title | Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator. | ||||||||||||||||||||
| version | 26 |
Redhat
| advisories |
| ||||
| rpms |
|
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000948
- http://fedoranews.org/updates/FEDORA--.shtml
- http://www.debian.org/security/2005/dsa-721
- http://www.redhat.com/support/errata/RHSA-2005-415.html
- http://www.squid-cache.org/bugs/show_bug.cgi?id=1255
- http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10513