Description
Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.
A heap-based buffer overflow flaw was found in the Squid caching proxy. When processing Uniform Resource Names (URNs), specific conditions can lead to remote code execution.
Statement
This vulnerability is Important because the heap-based buffer overflow occurs during URN processing in Squid’s core request-handling path, which is exposed to untrusted, remote input. Unlike flaws that merely cause a service crash, this defect allows an attacker to manipulate heap memory structures, potentially achieving arbitrary code execution within the Squid process context. Since Squid often runs with elevated privileges and serves as a gateway between internal and external networks, successful exploitation could provide a remote attacker with direct control over the proxy server, enabling them to pivot into internal systems, intercept sensitive traffic, or alter cached content.
Mitigation
Users can disable URN access permissions to mitigate this issue.
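As an added illustration of that workaround (this is not configuration from the advisory or from the Squid project), the following squid.conf fragment denies every request whose scheme is URN before any allow rule can match it. It assumes the `proto` ACL type accepts `URN` as a scheme name and that the `http_access` rule is placed above the existing allow rules in the configuration:

```conf
# Added example, not part of the advisory: refuse URN requests entirely.
# Assumption: the "proto" ACL type matches the request scheme and accepts URN.
acl URN proto URN

# Deny must precede any http_access allow line that could match these requests;
# Squid evaluates http_access rules top to bottom and stops at the first match.
http_access deny URN
```

Validate the edited file with `squid -k parse` and apply it with `squid -k reconfigure`; the denial is a stop-gap until the package is updated to a fixed build, since it only removes the vulnerable code path from reachable input and does not correct the buffer management itself.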
Affected packages
| Platform | Package | State | Advisory | Release date |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | squid | Not affected | | |
| Red Hat Enterprise Linux 6 | squid | Out of support scope | | |
| Red Hat Enterprise Linux 6 | squid34 | Out of support scope | | |
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | squid | Fixed | RHSA-2025:14414 | 25.08.2025 |
| Red Hat Enterprise Linux 8 | squid | Fixed | RHSA-2023:7668 | 06.12.2023 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | squid | Fixed | RHSA-2024:0772 | 12.02.2024 |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | squid | Fixed | RHSA-2024:0772 | 12.02.2024 |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | squid | Fixed | RHSA-2024:0772 | 12.02.2024 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | squid | Fixed | RHSA-2024:0773 | 12.02.2024 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | squid | Fixed | RHSA-2024:0773 | 12.02.2024 |
EPSS
8.9 High
CVSS3
Related vulnerabilities
Vulnerability in the Squid proxy server caused by a heap buffer overflow when processing URN headers, allowing an attacker to execute arbitrary code