Squid Proxy HTTP Response Splitting Remote Cache Poisoning Vulnerability

BID:13435

Info

Squid Proxy HTTP Response Splitting Remote Cache Poisoning Vulnerability

Bugtraq ID: 13435
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Apr 23 2005 12:00AM
Updated: Apr 23 2005 12:00AM
Credit: Watchfire is credited with the discovery of this issue.
Vulnerable: Squid Web Proxy Cache 2.5 .STABLE7
+ Gentoo Linux
+ Redhat Fedora Core3
 + Redhat Fedora Core2
 Squid Web Proxy Cache 2.5 .STABLE6
+ Mandriva Linux Mandrake 10.1 x86_64
 + S.u.S.E. Linux Personal 9.2 x86_64
 + S.u.S.E. Linux Personal 9.2
+ Turbolinux Appliance Server 1.0 Workgroup Edition
 + Turbolinux Appliance Server 1.0 Hosting Edition
 + Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Squid Web Proxy Cache 2.5 .STABLE5
+ S.u.S.E. Linux Personal 9.1 x86_64
 + S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia32
 Squid Web Proxy Cache 2.5 .STABLE4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
 + Mandriva Linux Mandrake 10.0
+ OpenPKG OpenPKG 2.0
+ OpenPKG OpenPKG Current
 Squid Web Proxy Cache 2.5 .STABLE3
+ Mandriva Linux Mandrake 9.2 amd64
 + Mandriva Linux Mandrake 9.2
+ OpenPKG OpenPKG 1.3
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 3
 + Redhat Enterprise Linux ES 3
 + Redhat Enterprise Linux WS 3
 + Redhat Fedora Core1
 + S.u.S.E. Linux Personal 9.0 x86_64
 + S.u.S.E. Linux Personal 9.0
Squid Web Proxy Cache 2.5 .STABLE1
+ Mandriva Linux Mandrake 9.1 ppc
 + Mandriva Linux Mandrake 9.1
+ S.u.S.E. Linux Personal 8.2
Squid Web Proxy Cache 2.4 .STABLE7
+ MandrakeSoft Corporate Server 2.1 x86_64
 + MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Redhat Enterprise Linux AS 2.1 IA64
 + Redhat Enterprise Linux AS 2.1
 + Redhat Enterprise Linux ES 2.1 IA64
 + Redhat Enterprise Linux ES 2.1
 + Redhat Enterprise Linux WS 2.1 IA64
 + Redhat Enterprise Linux WS 2.1
 + Redhat Linux Advanced Work Station 2.1
Squid Web Proxy Cache 2.4 .STABLE6
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
Squid Web Proxy Cache 2.4 .STABLE2
Squid Web Proxy Cache 2.4
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
Squid Web Proxy Cache 2.3 .STABLE5
Squid Web Proxy Cache 2.3 .STABLE4
Squid Web Proxy Cache 2.1 PATCH2
Squid Web Proxy Cache 2.0 PATCH2
Not Vulnerable: Squid Web Proxy Cache 2.5 .STABLE9
+ Debian Linux 3.1 sparc
 + Debian Linux 3.1 s/390
 + Debian Linux 3.1 ppc
 + Debian Linux 3.1 mipsel
 + Debian Linux 3.1 mips
 + Debian Linux 3.1 m68k
 + Debian Linux 3.1 ia-64
 + Debian Linux 3.1 ia-32
 + Debian Linux 3.1 hppa
 + Debian Linux 3.1 arm
 + Debian Linux 3.1 amd64
 + Debian Linux 3.1 alpha
 + Debian Linux 3.1
+ MandrakeSoft Corporate Server 3.0 x86_64
 + MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.2 x86_64
 + Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
 + Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
 + Mandriva Linux Mandrake 10.0
Squid Web Proxy Cache 2.5 .STABLE8
+ Gentoo Linux
+ Redhat Fedora Core3
 + Redhat Fedora Core2
 + Ubuntu Ubuntu Linux 5.0 4 powerpc
 + Ubuntu Ubuntu Linux 5.0 4 i386
 + Ubuntu Ubuntu Linux 5.0 4 amd64

Discussion

Squid Proxy HTTP Response Splitting Remote Cache Poisoning Vulnerability

A remote cache poisoning vulnerability affects Squid Proxy. This issue is due to a failure of the affected proxy to handle CR/LF characters in HTTP requests.

An attacker may leverage this issue to poison the cache of an affected Squid Proxy. This may facilitate man-in-the-middle attacks as well as others.

Exploit / POC

Squid Proxy HTTP Response Splitting Remote Cache Poisoning Vulnerability

No exploit is required to leverage this issue.

Solution / Fix

Squid Proxy HTTP Response Splitting Remote Cache Poisoning Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.


Squid Web Proxy Cache 2.0 PATCH2

Squid Web Proxy Cache 2.1 PATCH2

Squid Web Proxy Cache 2.3 .STABLE4

Squid Web Proxy Cache 2.3 .STABLE5

Squid Web Proxy Cache 2.4 .STABLE6

Squid Web Proxy Cache 2.4 .STABLE7

Squid Web Proxy Cache 2.4

Squid Web Proxy Cache 2.4 .STABLE2

Squid Web Proxy Cache 2.5 .STABLE6

Squid Web Proxy Cache 2.5 .STABLE4

Squid Web Proxy Cache 2.5 .STABLE1

Squid Web Proxy Cache 2.5 .STABLE5

Squid Web Proxy Cache 2.5 .STABLE3

Squid Web Proxy Cache 2.5 .STABLE7

References

Squid Proxy HTTP Response Splitting Remote Cache Poisoning Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report