HTTP: Squid Proxy String Processing NULL Pointer Dereference
This signature detects attempts to exploit a known flaw in the Squid HTTP proxy. A Denial of Service vulnerability exists in Squid Proxy Cache component. The vulnerability is due to an input validation error while parsing crafted strings sent in a request. The vulnerable code does not validate if a string could be NULL before performing a comparison operation. As a result of this, a NULL pointer dereference occurs that leads to a Denial of Service condition.
Extended Description
Squid is prone to a remote denial-of-service vulnerability caused by a NULL pointer dereference. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Due to the nature of the issue, code execution may be possible; however, it has not been confirmed. The issue affects the following versions: Squid 3.0 to 3.0.STABLE25 Squid 3.1 to 3.1.7 Squid 3.2 to 3.2.0.1
Affected Products
Debian linux
Short Name
HTTP:PROXY:SQUID-NULL-PTR
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2010-3072 Dereference NULL Pointer Processing Proxy Squid String bid:42982
Release Date
07/18/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Suse
Gentoo
Squid
Mandriva
Debian
CVSS Score
5.0