An issue exists in Squid 4.0.23 up to and including 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
squid-cache squid |
||
fedoraproject fedora 29 |
||
debian debian linux 10.0 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 19.04 |
||
canonical ubuntu linux 16.04 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux eus 8.1 |
||
redhat enterprise linux eus 8.2 |
||
redhat enterprise linux server tus 8.2 |
||
redhat enterprise linux server aus 8.2 |
||
redhat enterprise linux server tus 8.4 |
||
redhat enterprise linux eus 8.4 |
||
redhat enterprise linux server aus 8.4 |
||
redhat enterprise linux server aus 8.6 |
||
redhat enterprise linux server tus 8.6 |
||
redhat enterprise linux eus 8.6 |
Vulmon