HTTP: Squid Proxy Digest Nonce Information Disclosure

This signature detects attempts to exploit a known vulnerability in Squid Proxy. A successful attack can lead to sensitive information disclosure.

Extended Description

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, Squid is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within a heap memory allocation. This information weakens ASLR protections and may help attackers isolate memory areas to target in remote code execution attacks.

Affected Products

Squid-cache squid

References

CVE: CVE-2019-18679

Short Name
HTTP:PROXY:SQUID-DIGEST-NONC-ID
Severity
Minor
Recommended
True
Recommended Action
None
Category
HTTP
Keywords
CVE-2019-18679 Digest Disclosure Information Nonce Proxy Squid
Release Date
01/09/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Rarely
Vendors

Fedoraproject

Squid-cache

Debian

Canonical

CVSS Score

5.0
