Common Vulnerabilities and Exposures assigned an identifier CVE-2012-2213 to the following vulnerability: ** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a vulnerable system, and the observed behavior is consistent with a squid.conf file that was (perhaps inadvertently) designed to allow access based on a "req_header Host" acl regex that matches www.uol.com.br. References: [1] http://archives.neohapsis.com/archives/bugtraq/2012-04/0117.html [2] http://archives.neohapsis.com/archives/bugtraq/2012-04/0131.html [3] http://archives.neohapsis.com/archives/bugtraq/2012-04/0146.html [4] http://archives.neohapsis.com/archives/bugtraq/2012-04/0140.html [5] http://archives.neohapsis.com/archives/bugtraq/2012-04/0163.html [6] http://archives.neohapsis.com/archives/bugtraq/2012-04/0165.html
Created attachment 581172 [details] Reproducer from original post
The exact conditions this was tested under are unknown and the reporter can not provide enough additional information (used squid configuration file for example) to properly evaluate this report for security relevance. Currently it is unknown, whether this problem constitutes a new security flaw or if it is just result of improper configuration. Statement: We do not currently plan to fix this issue due to the lack of further information about the flaw and its impact. If more information becomes available at a future date, we may revisit the issue.