HTTP: Squid Proxy URN Response Processing Heap Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Squid Proxy. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the squid process.
Extended Description
An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.
Affected Products
Debian debian_linux
References
CVE: CVE-2019-12526
Short Name
HTTP:PROXY:SQUID-URN-BO
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2019-12526 Heap Overflow Processing Proxy Response Squid URN
Release Date
12/13/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Opensuse
Fedoraproject
Squid-cache
Debian
Canonical
CVSS Score
7.5