Squid Error in Parsing HTTP Content-Length Headers May Let Remote Users Poison the Cache
|
|
SecurityTracker Alert ID: 1012992
|
|
SecurityTracker URL: http://securitytracker.com/id?1012992
|
|
CVE Reference: CAN-2005-0175
(Links to External Site)
|
Updated: Jan 31 2005
|
Original Entry Date: Jan 25 2005
|
Impact: Modification of system information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 2.5
|
Description: A vulnerability was reported in Squid in the processing of HTTP headers. A remote user may be able to poison the cache.
The vendor reported that a remote user can send multiple Content-length headers in conjunction with specially crafted requests to poison the cache in certain situations. No further details were provided.
|
Impact: A remote user may be able to poison the cache on the target Squid server.
|
Solution: A patch (squid-2.5.STABLE7-header_parsing.patch) is available at:
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-header_parsing.patch
As
a workaround, the vendor indicates that you can disable client- and server-side persistent connections to partially limit the impact
of mismatches in HTTP protocol parsing.
|
Vendor URL: www.squid-cache.org/ (Links to External Site)
|
Cause: State error
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 25 Jan 2005 02:18:21 -0500
Subject: [none]
|
The vendor reported that a remote user can send multiple Content-length headers in
conjunction with specially crafted requests to poison the cache in certain situations.
A patch (squid-2.5.STABLE7-header_parsing.patch) is available at:
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-header_parsing.patch
As a workaround, the vendor indicates that you can disable client- and server-side
persistent connections to partially limit the impact of mismatches in HTTP protocol
parsing.
|
|
