Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Squid, denial of service via HTCP

February 2010 by Vigil@nce

An attacker can send a malicious HTCP query to Squid, in order to stop it.

- Severity: 2/4
- Consequences: denial of service of service
- Provenance: intranet client
- Means of attack: no proof of concept, no attack
- Ability of attacker: expert (4/4)
- Confidence: confirmed by the editor (5/5)
- Diffusion of the vulnerable configuration: medium (2/3)
- Creation date: 12/02/2010

IMPACTED PRODUCTS

- Squid cache

DESCRIPTION OF THE VULNERABILITY

The HTCP (Hypertext Caching Protocol) protocol is used between cache servers. When the htcp_port directive is used in the configuration file of Squid, HTCP is enabled (this is not the default case).

When HTCP is enabled, an attacker can connect to the port 4827, and send an invalid HTCP query. A NULL pointer is then dereferenced in the htcpAccessCheck() function of the src/htcp.c file.

An attacker can therefore send a malicious HTCP query to Squid, in order to stop it.

CHARACTERISTICS

- Identifiers: 2858, BID-38212, CVE-2010-0639, SQUID-2010:2, VIGILANCE-VUL-9449
- Url: http://vigilance.fr/vulnerability/S...




See previous articles

    

See next articles