PT-2020-5786 · Squid+8 · Squid+9

Jeriko One

·

Published

2020-04-15

·

Updated

2024-06-15

·

CVE-2019-12519

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Squid versions through 4.7
Description: The issue is related to the ESIExpression::Evaluate function in the Squid proxy server, which is associated with a buffer data boundary overflow. This could allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. The problem arises when handling the esi:when tag with ESI enabled, as the ESIExpression::Evaluate function uses a fixed stack buffer without checking for potential overflows when adding new members to the stack.
Recommendations: For Squid versions through 4.7, consider disabling the ESI feature to prevent exploitation until a patch is available. As a temporary workaround, restrict access to the ESIExpression::Evaluate function to minimize the risk of exploitation. Avoid using the esi:when tag in configurations where ESI is enabled until the issue is resolved.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2020:2041
ALT-PU-2020-1909
ALT-PU-2020-3140
ALT-PU-2020-3142
BDU:2021-01747
CESA-2020_2040
CESA-2020_2041
CVE-2019-12519
DLA-2278-1
DSA-4682-1
OESA-2021-1020
OPENSUSE-SU-2020:0623-1
OPENSUSE-SU-2020_0623-1
OPENSUSE-SU-2024:11403-1
RHSA-2020:2038
RHSA-2020:2039
RHSA-2020:2040
RHSA-2020:2041
RHSA-2020_2040
RHSA-2020_2041
RLSA-2020:2041
SUSE-SU-2020:1134-1
SUSE-SU-2020:1156-1
SUSE-SU-2020:1227-1
SUSE-SU-2020:14460-1
SUSE-SU-2020_1134-1
SUSE-SU-2020_1156-1
SUSE-SU-2020_1227-1
SUSE-SU-2020_14460-1
USN-4356-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Red Hat
Rocky Linux
Squid
Squid Cache
Suse
Ubuntu