PT-2020-2569 · Squid+3 · Squid+4

Aaron Costello · Published 2020-02-04 · Updated 2024-06-15 · CVE-2020-8517

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Squid versions prior to 4.10

Description: The issue exists due to insufficient input validation in the ext_lm_group_acl helper, specifically in its NTLM authentication credentials parser. This can allow a remote attacker to terminate the Squid process, resulting in a denial of service for all clients using the proxy. The vulnerability occurs when the parser writes to memory outside the credentials buffer, which can cause the helper process to terminate unexpectedly on systems with memory access protections.

Recommendations: For Squid versions prior to 4.10, update to version 4.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the ext_lm_group_acl helper to minimize the risk of exploitation.

Fix

DoS

Memory Corruption

RCE


Weakness Enumeration

Related Identifiers

ALT-PU-2020-1479
ALT-PU-2020-1494
BDU:2020-02598
CVE-2020-8517
MGASA-2020-0106
OPENSUSE-SU-2020:0307-1
OPENSUSE-SU-2020:0606-1
OPENSUSE-SU-2020:0623-1
OPENSUSE-SU-2020_0307-1
OPENSUSE-SU-2020_0606-1
OPENSUSE-SU-2020_0623-1
OPENSUSE-SU-2024:11403-1
SUSE-SU-2020:0487-1
SUSE-SU-2020:0493-1
SUSE-SU-2020:0661-1
SUSE-SU-2020:1134-1
SUSE-SU-2020:1156-1
SUSE-SU-2020:14460-1
USN-4289-1

Affected Products

Alt Linux
Squid
Squid Cache
Suse
Ubuntu