HTTP: Squid Proxy HTTP Message Processing Buffer Overread
This signature detects attempts to exploit a known vulnerability against Squid Proxy. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Affected Products
Squid-cache squid
Short Name
HTTP:PROXY:SQUID-MSG-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2023-49285 HTTP Message Overread Processing Proxy Squid
Release Date
04/04/2024
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
Sigpack Version
3692
False Positive
Unknown
Vendors
Squid-cache