Home

CVE-2019-18676

Description

An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.373

Associated Vulnerability

VulnerabilityOS Platform
Web proxy cache server (USN-4213-1) squid_4.4-1ubuntu2.3_i386.debLinux
Web proxy cache server (USN-4213-1) squid_4.4-1ubuntu2.3_amd64.debLinux
Web proxy cache server (USN-4213-1) squid_4.8-1ubuntu2.1_i386.debLinux
Web proxy cache server (USN-4213-1) squid_4.8-1ubuntu2.1_amd64.debLinux
Web proxy cache server (USN-4213-1) squid3_3.5.12-1ubuntu7.9_all.debLinux
Web proxy cache server (USN-4213-1) squid3_3.5.27-1ubuntu1.4_all.debLinux
squid security update(DSA-4682-1) squid_4.6-1+deb10u2_i386.debLinux
squid security update(DSA-4682-1) squid_4.6-1+deb10u2_amd64.debLinux
Web proxy cache server (USN-4446-1) squid_3.5.27-1ubuntu1.7_i386.debLinux
Web proxy cache server (USN-4446-1) squid_3.5.27-1ubuntu1.7_amd64.debLinux
Web proxy cache server (USN-4446-1) squid_3.5.12-1ubuntu7.12_i386.debLinux
Web proxy cache server (USN-4446-1) squid_3.5.12-1ubuntu7.12_amd64.debLinux
(RHSA-2020:4743) squid:4 security, bug fix, and enhancement update squid-4.11-3.module+el8.3.0+7851+7808b5f9.x86_64.rpmLinux
(RHSA-2020:4743) squid:4 security, bug fix, and enhancement update squid-debugsource-4.11-3.module+el8.3.0+7851+7808b5f9.x86_64.rpmLinux
Web proxy cache server (USN-4213-1) squid3_3.5.27-1ubuntu1.4_all.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234