PT-2019-5326

Published 2019-07-11 · Updated 2024-06-15 · CVE-2019-12525

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Squid versions 3.3.9 through 3.5.28; Squid versions 4.x through 4.7
Description

An issue was discovered in Squid when it is configured to use Digest authentication. It parses the Proxy-Authorization header and searches for certain tokens such as domain, uri, and qop. Squid checks whether the token's value starts with a quote and ends with one, and if so, it performs a memcpy of its length minus 2. However, Squid never checks whether the value is just a single quote (which satisfies both conditions), leading to a memcpy of its length minus 1. This can cause a buffer overflow in memory, potentially allowing a remote attacker to cause a denial of service or execute arbitrary code.
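The single-quote edge case from that description, as an added C illustration (hypothetical code written for this entry, not Squid's): the naive length computation that wraps on a one-character value, beside a hardened unquoting routine that rejects a lone or unbalanced quote and bounds the copy by the destination size.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical illustration of the quote-stripping defect described above,
 * not Squid's code. Digest parameters such as qop arrive as key="value". */

/* Naive check: "starts and ends with a quote" is also true of the single
 * character "\"", so len - 2 wraps in size_t and the memcpy runs wild. */
size_t naive_unquoted_len(const char *v)
{
    size_t len = strlen(v);
    if (len > 0 && v[0] == '"' && v[len - 1] == '"')
        return len - 2;            /* SIZE_MAX when len == 1 */
    return len;
}

/* Hardened form: a quoted value needs at least two characters and a distinct
 * closing quote, and the copy is bounded. Returns unquoted length or -1. */
int strip_quotes(const char *v, char *out, size_t outsz)
{
    size_t len = strlen(v);
    const char *start = v;
    if (len > 0 && v[0] == '"') {
        if (len < 2 || v[len - 1] != '"')
            return -1;             /* lone or unbalanced quote: reject */
        start = v + 1;
        len -= 2;
    }
    if (len >= outsz)
        return -1;                 /* would not fit with the terminating NUL */
    memcpy(out, start, len);
    out[len] = '\0';
    return (int)len;
}

/* Demo helper: unquote v into a fixed buffer and compare with expect. */
int strips_to(const char *v, const char *expect)
{
    char buf[32];
    return strip_quotes(v, buf, sizeof buf) >= 0 && strcmp(buf, expect) == 0;
}

int main(void)
{
    char buf[32];
    printf("lone quote: naive len %zu, hardened rc %d\n",
           naive_unquoted_len("\""), strip_quotes("\"", buf, sizeof buf));
    return 0;
}
```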
Recommendations

For Squid versions 3.3.9 through 3.5.28 and 4.x through 4.7, consider disabling the Digest authentication mechanism until a patch is available. As a temporary workaround, consider restricting access to the Proxy-Authorization header to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Memory Corruption


Weakness Enumeration

Related Identifiers

ALSA-2020:2041
ALT-PU-2019-2264
ALT-PU-2019-2271
BDU:2020-02395
CESA-2020_2040
CESA-2020_2041
CVE-2019-12525
DLA-1858-1
DLA-2278-1
DSA-4507-1
MGASA-2019-0265
MGASA-2019-0266
OPENSUSE-SU-2019:2540-1
OPENSUSE-SU-2019:2541-1
OPENSUSE-SU-2019_2540-1
OPENSUSE-SU-2019_2541-1
OPENSUSE-SU-2024:11403-1
RHSA-2020:2040
RHSA-2020:2041
RHSA-2020_2040
RHSA-2020_2041
RLSA-2020:2041
SUSE-SU-2019:2089-1
SUSE-SU-2019:2089-2
SUSE-SU-2019:2975-1
SUSE-SU-2019_2089-1
SUSE-SU-2020:14460-1
USN-4065-1
USN-4065-2

Affected Products

Alt Linux
Almalinux
Centos
Red Hat
Rocky Linux
Squid
Squid Cache
Suse
Ubuntu