CVE-2023-49286
Denial of Service in Helper Process management
In short
Squid proxy has a bug where it doesn't properly check if helper processes are working correctly, allowing attackers to crash the helper management system and make the proxy stop serving requests.
Technical detail
Incorrect validation of function return values in Squid's helper process management allows remote attackers to trigger a denial of service condition by exploiting the failure to properly handle error states, resulting in service disruption. Versions prior to 6.5 are affected; exploitation requires no authentication or special privileges.
Summary generated and translated by AI from the official description.
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Affected products
squid-cache · squid
References
https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264
https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27
https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/
https://security.netapp.com/advisory/ntap-20240119-0004/
http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch