An issue exists in Squid 2.x, 3.x, and 4.x up to and including 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid-cache squid 2.7 |
||
squid-cache squid |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 19.04 |
||
canonical ubuntu linux 19.10 |
||
debian debian linux 8.0 |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |