SecurityTeam US - Squid HTTP Specifications Web Proxy Cache Poisoning


	Contribute : Advanced Search : Web Resources : Polls : File Repository

Poll
What would you like to see on SecurityTeamUS? More News Product Reviews HowTo's Custom RPM/Packages/Tools Other (Please leave comment) Results 96 votes \| 0 comments

Topics
Home Apache Apple Application Software Cisco Systems Database Servers Internet Explorer Linux Macromedia Microsoft Mozilla/Firefox Phishing/ID Theft Real Networks Security News Sun Microsystems Web Appliances/Devices Web Scripts Wi-Fi

Virus Alerts
17 Apr 2011 Troj/Mdrop-DKE 17 Apr 2011 Troj/Sasfis-O 17 Apr 2011 Troj/Keygen-FU 17 Apr 2011 Troj/Zbot-AOY 17 Apr 2011 Troj/Zbot-AOW 17 Apr 2011 W32/Womble-E 17 Apr 2011 Troj/VB-FGD 17 Apr 2011 Troj/FakeAV-DFF 17 Apr 2011 Troj/SWFLdr-W 17 Apr 2011 W32/RorpiaMem-A

Events
There are no upcoming events

Welcome to SecurityTeam US
Monday, February 06 2012 @ 11:36 AM EST

Squid HTTP Specifications Web Proxy Cache Poisoning

Thursday, May 05 2005 @ 09:11 AM EDT

Steve Orrin has reported a vulnerability in Squid, which can be exploited by malicious people to poison the web proxy cache.

The vulnerability is caused due to an error in the handling of upstream HTTP agents (e.g. web servers) not complying correctly with the HTTP specifications. This can be exploited to cause the HTTP agent and Squid to be out-of-sync by sending a specially crafted request containing e.g. white spaces in the HTTP header names and extra CR characters at the end of HTTP headers.

Successful exploitation allows poisoning of the web proxy cache.

An issue, where input validation errors in dynamic web sites can be exploited to conduct HTTP response splitting attacks, has also been reported.

The vulnerability has been reported in versions 2.5.STABLE7 and prior.

SOFTWARE:
Squid 2.x

SOLUTION:
Update to version 2.5.STABLE8.

Apply patches for version 2.5.STABLE7:
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-header_parsing.patch
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-response_splitting.patch
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch

Disable HTTP persistent connections (see original advisory).

PROVIDED AND/OR DISCOVERED BY:
Steve Orrin, Watchfire.

ORIGINAL ADVISORY:
Squid:
http://www.squid-cache.org/Advisories/SQUID-2005_4.txt
http://www.squid-cache.org/Advisories/SQUID-2005_5.txt

VERIFY ADVISORY:
http://secunia.com/advisories/15093/

Secunia Security Advisories

What's Related
http://www.squid-cache.... http://www.squid-cache.... http://www.squid-cache.... http://www.squid-cache.... http://www.squid-cache.... http://secunia.com/advi... More from Linux

Story Options
Mail Story to a Friend Printable Story Format

Squid HTTP Specifications Web Proxy Cache Poisoning | 0 comments | Create New Account

The following comments are owned by whomever posted them. This site is not responsible for what they say.

Dedicated Servers
Created this page in 0.17 seconds