BID:13166

Squid Proxy Aborted Connection Remote Denial Of Service Vulnerability

Info

Squid Proxy Aborted Connection Remote Denial Of Service Vulnerability

Bugtraq ID:	13166
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2005-0718
Remote:	Yes
Local:	No
Published:	Apr 14 2005 12:00AM
Updated:	Feb 22 2007 05:46PM
Credit:	Henrik Nordstrom <[email protected]> is credited with the discovery of this issue.
Vulnerable:	Turbolinux Turbolinux Workstation 8.0 Turbolinux Turbolinux Workstation 7.0 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Server 7.0 Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Appliance Server Hosting Edition 1.0 SuSE Linux 8.1 SuSE Linux 8.0 i386 SuSE Linux 8.0 SuSE Linux 7.3 sparc SuSE Linux 7.3 ppc SuSE Linux 7.3 i386 SuSE Linux 7.3 SuSE Linux 7.2 i386 SuSE Linux 7.2 SuSE Linux 7.1 x86 SuSE Linux 7.1 sparc SuSE Linux 7.1 ppc SuSE Linux 7.1 alpha SuSE Linux 7.1 SuSE Linux 7.0 sparc SuSE Linux 7.0 ppc SuSE Linux 7.0 i386 SuSE Linux 7.0 alpha SuSE Linux 7.0 SuSE Linux 6.4 ppc SuSE Linux 6.4 i386 SuSE Linux 6.4 alpha SuSE Linux 6.4 SuSE Linux 6.3 ppc SuSE Linux 6.3 alpha SuSE Linux 6.3 SuSE Linux 6.2 SuSE Linux 6.1 alpha SuSE Linux 6.1 SuSE Linux 6.0 SuSE Linux 5.3 SuSE Linux 5.2 SuSE Linux 5.1 SuSE Linux 5.0 SuSE Linux 4.4.1 SuSE Linux 4.4 SuSE Linux 4.3 SuSE Linux 4.2 SuSE Linux 4.0 SuSE Linux 3.0 SuSE Linux 2.0 SuSE Linux 1.0 Squid Web Proxy Cache 2.5 .STABLE9 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 + Mandriva Linux Mandrake 10.2 x86_64 + Mandriva Linux Mandrake 10.2 + Mandriva Linux Mandrake 10.1 x86_64 + Mandriva Linux Mandrake 10.1 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 Squid Web Proxy Cache 2.5 .STABLE8 + Gentoo Linux + Redhat Fedora Core3 + Redhat Fedora Core2 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 Squid Web Proxy Cache 2.5 .STABLE7 + Gentoo Linux + Redhat Fedora Core3 + Redhat Fedora Core2 Squid Web Proxy Cache 2.5 .STABLE6 + Mandriva Linux Mandrake 10.1 x86_64 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + Turbolinux Appliance Server 1.0 Workgroup Edition + Turbolinux Appliance Server 1.0 Hosting Edition + Turbolinux Appliance Server Hosting Edition 1.0 + Turbolinux Appliance Server Workgroup Edition 1.0 + Turbolinux Turbolinux Server 10.0 + Turbolinux Turbolinux Server 8.0 + Turbolinux Turbolinux Server 7.0 + Turbolinux Turbolinux Workstation 8.0 + Turbolinux Turbolinux Workstation 7.0 Squid Web Proxy Cache 2.5 .STABLE5 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Squid Web Proxy Cache 2.5 .STABLE4 + MandrakeSoft Corporate Server 3.0 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 + OpenPKG OpenPKG 2.0 + OpenPKG OpenPKG Current Squid Web Proxy Cache 2.5 .STABLE3 + Mandriva Linux Mandrake 9.2 amd64 + Mandriva Linux Mandrake 9.2 + OpenPKG OpenPKG 1.3 + Redhat Desktop 3.0 + Redhat Enterprise Linux AS 3 + Redhat Enterprise Linux ES 3 + Redhat Enterprise Linux WS 3 + Redhat Fedora Core1 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Squid Web Proxy Cache 2.5 .STABLE1 + Mandriva Linux Mandrake 9.1 ppc + Mandriva Linux Mandrake 9.1 + S.u.S.E. Linux Personal 8.2 Squid Web Proxy Cache 2.4 .STABLE7 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Multi Network Firewall 2.0 + Redhat Enterprise Linux AS 2.1 IA64 + Redhat Enterprise Linux AS 2.1 + Redhat Enterprise Linux ES 2.1 IA64 + Redhat Enterprise Linux ES 2.1 + Redhat Enterprise Linux WS 2.1 IA64 + Redhat Enterprise Linux WS 2.1 + Redhat Linux Advanced Work Station 2.1 Squid Web Proxy Cache 2.4 .STABLE6 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 Squid Web Proxy Cache 2.4 .STABLE2 Squid Web Proxy Cache 2.4 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 Squid Web Proxy Cache 2.3 .STABLE5 Squid Web Proxy Cache 2.3 .STABLE4 SGI ProPack 3.0 SP5 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 Redhat Linux 9.0 i386 Redhat Linux 7.3 i386 Redhat Fedora Core2 Redhat Fedora Core1 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux AS 4 Redhat Enterprise Linux AS 3 Redhat Desktop 4.0 Redhat Desktop 3.0

Not Vulnerable:

Discussion

Squid Proxy Aborted Connection Remote Denial Of Service Vulnerability

A remote denial-of-service vulnerability affects the Squid Proxy. The application fails to properly handle exceptional network requests. The problem presents itself when a remote attacker prematurely aborts a connection during a PUT or POST request.

A remote attacker may leverage this issue to crash the affected Squid Proxy, denying service to legitimate users.

Exploit / POC

Squid Proxy Aborted Connection Remote Denial Of Service Vulnerability

No exploit is required to leverage this issue.

Solution / Fix

Squid Proxy Aborted Connection Remote Denial Of Service Vulnerability

Solution:
Please see the referenced vendor advisories for more information and fixes.

Turbolinux Appliance Server Hosting Edition 1.0

Turbolinux squid-2.5.STABLE6-21.i586.rpm
Turbolinux Appliance Server 1.0 Hosting Edition
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/

Turbolinux Turbolinux Server 10.0

Turbolinux squid-2.5.STABLE6-21.i586.rpm
Turbolinux 10 Server
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/squid-2.5.STABLE6-21.i586.rpm

Turbolinux squid-debug-2.5.STABLE6-21.i586.rpm
Turbolinux 10 Server
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/squid-debug-2.5.STABLE6-21.i586.rpm

Squid Web Proxy Cache 2.4 .STABLE6

RedHat squid-2.4.STABLE7-0.73.3.legacy.i386.rpm
Red Hat Linux 7.3:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/squid-2.4.STA BLE7-0.73.3.legacy.i386.rpm

Squid Web Proxy Cache 2.5 .STABLE3

RedHat squid-2.5.STABLE3-2.fc1.6.legacy.i386.rpm
Fedora Core 1:
http://download.fedoralegacy.org/fedora/1/updates/i386/squid-2.5.STABL E3-2.fc1.6.legacy.i386.rpm

Squid Web Proxy Cache 2.5 .STABLE7

Squid squid-2.5.STABLE7-post.patch
http://www1.uk.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7- post.patch

Squid Web Proxy Cache 2.5 .STABLE1

RedHat squid-2.5.STABLE1-9.10.legacy.i386.rpm
Red Hat Linux 9:
http://download.fedoralegacy.org/redhat/9/updates/i386/squid-2.5.STABL E1-9.10.legacy.i386.rpm

Squid Web Proxy Cache 2.5 .STABLE5

Conectiva squid-2.5.5-63116U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-2.5.5-63116U10_8cl.i 386.rpm

Conectiva squid-2.5.5-76327U90_10cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-2.5.5-76327U90_10cl.i 386.rpm

Conectiva squid-auth-2.5.5-63116U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-auth-2.5.5-63116U10_ 8cl.i386.rpm

Conectiva squid-auth-2.5.5-76327U90_10cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-auth-2.5.5-76327U90_1 0cl.i386.rpm

Conectiva squid-extra-templates-2.5.5-63116U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-extra-templates-2.5. 5-63116U10_8cl.i386.rpm

Conectiva squid-extra-templates-2.5.5-76327U90_10cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-extra-templates-2.5.5 -76327U90_10cl.i386.rpm

RedHat squid-2.5.STABLE9-1.FC2.4.legacy.i386.rpm
Fedora Core 2:
http://download.fedoralegacy.org/fedora/2/updates/i386/squid-2.5.STABL E9-1.FC2.4.legacy.i386.rpm

Ubuntu squid-cgi_2.5.5-6ubuntu0.7_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.7_amd64.deb

Ubuntu squid-cgi_2.5.5-6ubuntu0.7_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.7_i386.deb

Ubuntu squid-cgi_2.5.5-6ubuntu0.7_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.7_powerpc.deb

Ubuntu squid-common_2.5.5-6ubuntu0.7_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid-common_2.5.5 -6ubuntu0.7_all.deb

Ubuntu squid_2.5.5-6ubuntu0.7_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubunt u0.7_amd64.deb

Ubuntu squid_2.5.5-6ubuntu0.7_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubunt u0.7_i386.deb

Ubuntu squid_2.5.5-6ubuntu0.7_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubunt u0.7_powerpc.deb

Ubuntu squidclient_2.5.5-6ubuntu0.7_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2. 5.5-6ubuntu0.7_amd64.deb

Ubuntu squidclient_2.5.5-6ubuntu0.7_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2. 5.5-6ubuntu0.7_i386.deb

Ubuntu squidclient_2.5.5-6ubuntu0.7_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2. 5.5-6ubuntu0.7_powerpc.deb

Turbolinux Turbolinux Workstation 7.0

Turbolinux squid-2.5.STABLE6-21.i586.rpm
Turbolinux 7 Workstation
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/squid-2.5.STABLE6-21.i586.rpm

References

Squid Proxy Aborted Connection Remote Denial Of Service Vulnerability

References:

RHSA-2005:415-16 - squid security update (RedHat)
Segmentation fault on failed PUT/POST request (Squid)
Squid Web Proxy Cache Homepage (Squid)