Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.4
CVSSv2

CVE-2009-0801

Published: 04/03/2009 Updated: 18/06/2009
CVSS v2 Base Score: 5.4 | Impact Score: 6.9 | Exploitability Score: 4.9
VMScore: 483
Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N
Subscribe to Squid Web Proxy Cache

Vulnerability Summary

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote malicious users to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

squid squid web proxy cache 3.0_pre1

squid squid web proxy cache 3.0_pre2

squid squid web proxy cache 3.0_pre3

squid squid web proxy cache 2.7

squid squid web proxy cache 3.0

squid squid web proxy cache 3.0_stable6

squid squid web proxy cache 3.0_stable13

squid squid web proxy cache 2.7.stable5

squid squid web proxy cache 3.0_stable4

squid squid web proxy cache 3.0_stable3

squid squid web proxy cache 3.0_stable2

squid squid web proxy cache 3.0_stable1

squid squid web proxy cache 3.0_stable7

squid squid web proxy cache 3.0_stable5

squid squid web proxy cache 3.0_stable12

squid squid web proxy cache 2.7.stable6

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2009-0801: HTTP Host Header Incorrect Relay Behavior Vulnerability
Debian Bug report logs - #521052 CVE-2009-0801: HTTP Host Header Incorrect Relay Behavior Vulnerability Package: squid3; Maintainer for squid3 is Luigi Gangitano <luigi@debianorg>; Source for squid3 is src:squid (PTS, buildd, popcon) Reported by: Raphael Geissert <atomo64@gmailcom> Date: Tue, 24 Mar 2009 15:15:01 U ...

Github Repositories

https://github.com/pires/docker-squid

Run Squid on a Docker container. The main purpose of this it to use it as Docker registry cache.

Transparent Squid in a container This is a trivial Dockerfile to build a proxy container powered by famous Squid It is a shameless rip-off of jpetazzo/squid-in-a-can Sorry for that :-) Attention When I started this fork, I was looking for a way to transparently mirror Docker registry so that I could get images faster while just having to download once from the public registry

https://github.com/newtonjp/redsocks

redsocks

redsocks – transparent TCP-to-proxy redirector This tool allows you to redirect any TCP connection to SOCKS or HTTPS proxy using your firewall, so redirection may be system-wide or network-wide When is redsocks useful? you want to route part of TCP traffic via OpenSSH DynamicForward Socks5 port using firewall policies That was original redsocks development goal; you us

https://github.com/darkk/redsocks

transparent TCP-to-proxy redirector

redsocks – transparent TCP-to-proxy redirector This tool allows you to redirect any TCP connection to SOCKS or HTTPS proxy using your firewall, so redirection may be system-wide or network-wide When is redsocks useful? you want to route part of TCP traffic via OpenSSH DynamicForward Socks5 port using firewall policies That was original redsocks development goal; you us

https://github.com/SuzukiHonoka/redsocks_for_mipsel

Using Toolchain: https://github.com/SuzukiHonoka/Padavan_Toolchain3.4.x_EXTRA to build.

redsocks – transparent TCP-to-proxy redirector This tool allows you to redirect any TCP connection to SOCKS or HTTPS proxy using your firewall, so redirection may be system-wide or network-wide When is redsocks useful? you want to route part of TCP traffic via OpenSSH DynamicForward Socks5 port using firewall policies That was original redsocks development goal; you us

https://github.com/1987-min/redsocks1

redsocks – transparent TCP-to-proxy redirector This tool allows you to redirect any TCP connection to SOCKS or HTTPS proxy using your firewall, so redirection may be system-wide or network-wide When is redsocks useful? you want to route part of TCP traffic via OpenSSH DynamicForward Socks5 port using firewall policies That was original redsocks development goal; you us

https://github.com/Lonebear69/https-github.com-samyk-redsocks

redsocks – transparent TCP-to-proxy redirector This tool allows you to redirect any TCP connection to SOCKS or HTTPS proxy using your firewall, so redirection may be system-wide or network-wide When is redsocks useful? you want to route part of TCP traffic via OpenSSH DynamicForward Socks5 port using firewall policies That was original redsocks development goal; you us

https://github.com/jpetazzo/squid-in-a-can

Transparent Squid in a container This is a trivial Dockerfile to build a proxy container It will use the famous Squid proxy, configured to work in transparent mode Why? If you build a lot of containers, and have a not-so-fast internet link, you might be spending a lot of time waiting for packages to download It would be nice if all those downloads could be automatically cach

References

CWE-264http://www.kb.cert.org/vuls/id/435052http://www.securityfocus.com/bid/33858https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521052https://nvd.nist.govhttps://github.com/pires/docker-squid
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook