Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2019-18678  

A HTTP request splitting issue has been found in Squid before 4.9. This issue allows attackers to smuggle HTTP requests through frontend software to a Squid which splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches between client and Squid with attacker controlled content at arbitrary URLs.

Source
Severity High

Remote Yes

Type Content spoofing

Description 

A HTTP request splitting issue has been found in Squid before 4.9. This issue allows attackers to smuggle HTTP requests through frontend software to a Squid which splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches between client and Squid with attacker controlled content at arbitrary URLs.

AVG-1062 squid 4.8-2 4.9-1 Critical Fixed

07 Nov 2019 ASA-201911-8 AVG-1062 squid Critical multiple issues 

http://www.squid-cache.org/Advisories/SQUID-2019_10.txt
http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started