Bug 514013 (CVE-2009-2621, CVE-2009-2622) - CVE-2009-2621, CVE-2009-2622 squid: multiple vulnerabilities fixed in squid 3.0.STABLE17
Summary: CVE-2009-2621, CVE-2009-2622 squid: multiple vulnerabilities fixed in squid 3...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2009-2621, CVE-2009-2622
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 514014
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-07-27 16:22 UTC by Vincent Danen
Modified: 2019-09-29 12:31 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-08-24 07:43:48 UTC
Embargoed:

Attachments (Terms of Use)

Description Vincent Danen 2009-07-27 16:22:42 UTC 
The Squid project released squid 3.0.STABLE17 and 3.1.0.12 today [1], correcting the following issues (from their advisory):

Due to incorrect buffer limits and related bound checks Squid
is vulnerable to a denial of service attack when processing
specially crafted requests or responses.

Due to incorrect data validation Squid is vulnerable to a denial
of service attack when processing specially crafted responses.

These problems allow any trusted client or external server to
perform a denial of service attack on the Squid service.

[1] http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
Comment 1 Vincent Danen 2009-07-27 16:22:56 UTC 
Created squid tracking bugs for this issue

Affects: Fdevel [bug #514014]
Comment 2 Vincent Danen 2009-07-27 16:24:57 UTC 
Note: these issues only affect squid 3.x, so only Fedora is affected by this.  Red Hat Enterprise Linux 5 and earlier provide squid 2.x which is not affected by these issues.
Comment 3 Vincent Danen 2009-07-28 17:12:11 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-2621 to
the following vulnerability:

Name: CVE-2009-2621
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2621
Assigned: 20090728
Reference: CONFIRM: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
Reference: CONFIRM: http://www.squid-cache.org/Versions/v3/3.1/changesets/b9654.patch

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not
properly enforce "buffer limits and related bound checks," which
allows remote attackers to cause a denial of service via (1) an
incomplete request or (2) a request with a large header size, related
to (a) HttpMsg.cc and (b) client_side.cc.


Common Vulnerabilities and Exposures assigned an identifier CVE-2009-2622 to
the following vulnerability:

Name: CVE-2009-2622
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2622
Assigned: 20090728
Reference: CONFIRM: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
Reference: CONFIRM: http://www.squid-cache.org/Versions/v3/3.1/changesets/b9661.patch

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote
attackers to cause a denial of service via malformed requests
including (1) "missing or mismatched protocol identifier," (2) missing
or negative status value," (3) "missing version," or (4) "missing or
invalid status number," related to (a) HttpMsg.cc and (b)
HttpReply.cc.
Comment 4 Fedora Update System 2009-08-17 21:56:50 UTC 
squid-3.0.STABLE18-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 5 Fedora Update System 2009-08-17 21:59:20 UTC 
squid-3.0.STABLE18-1.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.