Update Protection against Squid HTTP Version Number Parsing Denial of Service Vulnerability
| Check Point Reference: | CPAI-2009-026 |
| Date Published: | |
| Severity: | |
| Source: | Secunia Advisory: SA33731 |
| Industry Reference(s): | CVE-2009-0478 |
| Protection Provided by: | VPN-1 |

Who is Vulnerable?
Squid Project Squid 2.7 through 2.7.Stable5
Squid Project Squid 3.0 through 3.0.Stable12
Squid Project Squid 3.1 through 3.1.0.4

Vulnerability Description
A denial of service vulnerability has been reported in the Squid proxy. The Squid proxy server is a popular open source Internet proxy and web caching application. A remote attacker may exploit this issue to create a denial of service condition and crash the vulnerable application.

Update/Patch Available
Apply the patch: Squid Proxy Cache Security Update Advisory SQUID-2009:1

Vulnerability Details
The vulnerability is due to an error in the Squid proxy, which fails to properly parse version numbers when processing malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted HTTP request to a vulnerable system. Successful exploitation may allow an attacker to create a denial of service condition on an affected server.
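As an added illustration (not Check Point's signature and not Squid's code), the following sketch shows a strict check of the HTTP version token in a request line, of the kind a filtering device or front-end could apply before a request reaches the proxy. The digit bound, the accepted versions and the sample request lines are assumptions constructed for this example.

```python
import re

# RFC 2616 section 3.1: HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT
VERSION_RE = re.compile(r"HTTP/([0-9]+)\.([0-9]+)")
MAX_DIGITS = 4               # assumed bound; real versions need a single digit
ALLOWED = {(1, 0), (1, 1)}   # assumed policy: versions the proxy should accept


def classify_request_line(line):
    """Return 'ok', or the reason the request line should be blocked or logged."""
    parts = line.rstrip("\r\n").split(" ")
    # Exactly: method SP request-target SP HTTP-version, with no empty fields.
    if len(parts) != 3 or not all(parts):
        return "bad-request-line"
    match = VERSION_RE.fullmatch(parts[2])
    if match is None:
        return "malformed-version"
    major, minor = match.groups()
    # Bound the length before converting, so absurd numbers never reach int().
    if len(major) > MAX_DIGITS or len(minor) > MAX_DIGITS:
        return "oversized-version-number"
    if (int(major), int(minor)) not in ALLOWED:
        return "unsupported-version"
    return "ok"


def scan(lines):
    """Return (index, reason) for every request line that is not 'ok'."""
    findings = []
    for index, line in enumerate(lines):
        reason = classify_request_line(line)
        if reason != "ok":
            findings.append((index, reason))
    return findings


# Constructed sample request lines (not captured traffic).
SAMPLES = [
    "GET http://example.test/ HTTP/1.1\r\n",
    "GET http://example.test/ HTTP/1.x\r\n",
    "GET http://example.test/ HTTP/1\r\n",
    "GET http://example.test/ HTTP/" + "9" * 20 + ".1\r\n",
    "GET http://example.test/ HTTP/3.7\r\n",
    "GET http://example.test/\r\n",
]

if __name__ == "__main__":
    for index, reason in scan(SAMPLES):
        print(index, reason, repr(SAMPLES[index][:60]))
```

Rejecting on the token's shape and length, rather than on one known bad value, keeps the check independent of any particular crafted request.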
Protection Overview
By enabling this protection, SmartDefense will detect and block specially crafted HTTP requests sent to the Squid proxy server.
In order for the protection to be activated, update your VPN-1/InterSpect product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.