PT-2021-2457 · Squid+8 · Squid+9

Jianjun Chen

·

Published

2021-03-12

·

Updated

2024-06-15

·

CVE-2020-25097

CVSS v3.1

8.6

High

VectorAV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Squid versions 4.13 and earlier Squid versions 5.x through 5.0.4
Description: The issue is related to the implementation of the uri whitespace configuration in the Squid proxy server, which is associated with insufficient input validation. This can allow a remote attacker to send a hidden HTTP request, also known as an HTTP Request Smuggling attack, potentially accessing services that are otherwise forbidden by security controls.
Recommendations: For Squid versions 4.13 and earlier, update to a version that includes the fix for this issue. For Squid versions 5.x through 5.0.4, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of the uri whitespace configuration setting until a patch is available.

Exploit

Fix

HTTP Request/Response Smuggling

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-444CWE-20

Related Identifiers

ALSA-2021:1979
ALT-PU-2021-2058
ALT-PU-2021-2829
BDU:2021-01823
CESA-2021_1135
CESA-2021_1979
CVE-2020-25097
DLA-2598-1
DSA-4873-1
GHSA-JVF6-H9GJ-PMJ6
MGASA-2021-0237
OESA-2021-1165
OPENSUSE-SU-2021:0879-1
OPENSUSE-SU-2021:1961-1
OPENSUSE-SU-2021_0879-1
OPENSUSE-SU-2021_1961-1
OPENSUSE-SU-2024:11403-1
RHSA-2021:1135
RHSA-2021:1979
RHSA-2021:2025
RHSA-2021_1135
RHSA-2021_1979
RLSA-2021:1979
SUSE-SU-2021:1838-1
SUSE-SU-2021:1961-1
SUSE-SU-2021_1838-1
SUSE-SU-2021_1961-1
SUSE-SU-2022:14914-1
SUSE-SU-2022:2392-1
SUSE-SU-2022_14914-1
SUSE-SU-2022_2392-1
USN-4895-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Red Hat
Rocky Linux
Squid
Squid Cache
Suse
Ubuntu