ID CVE-2019-12527
Summary An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data.
References
Vulnerable Configurations
  • cpe:2.3:a:squid-cache:squid:4.0.23:*:*:*:*:*:*:*
    cpe:2.3:a:squid-cache:squid:4.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:squid-cache:squid:4.0.24:*:*:*:*:*:*:*
    cpe:2.3:a:squid-cache:squid:4.0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:squid-cache:squid:4.0.25:*:*:*:*:*:*:*
    cpe:2.3:a:squid-cache:squid:4.0.25:*:*:*:*:*:*:*
  • cpe:2.3:a:squid-cache:squid:4.3:*:*:*:*:*:*:*
    cpe:2.3:a:squid-cache:squid:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:squid-cache:squid:4.4:*:*:*:*:*:*:*
    cpe:2.3:a:squid-cache:squid:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:squid-cache:squid:4.6:*:*:*:*:*:*:*
    cpe:2.3:a:squid-cache:squid:4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:squid-cache:squid:4.7:*:*:*:*:*:*:*
    cpe:2.3:a:squid-cache:squid:4.7:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 1730533
title CVE-2019-12527 squid: heap-based buffer overflow in HttpHeader::getAuth
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 8 is installed
      oval oval:com.redhat.rhba:tst:20193384074
    • comment Module squid:4 is enabled
      oval oval:com.redhat.rhsa:tst:20192593011
    • OR
      • AND
        • comment libecap is earlier than 0:1.0.1-2.module+el8.0.0+4045+70edde92
          oval oval:com.redhat.rhsa:tst:20192593001
        • comment libecap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20192593002
      • AND
        • comment libecap-debugsource is earlier than 0:1.0.1-2.module+el8.0.0+4045+70edde92
          oval oval:com.redhat.rhsa:tst:20192593003
        • comment libecap-debugsource is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20192593004
      • AND
        • comment libecap-devel is earlier than 0:1.0.1-2.module+el8.0.0+4045+70edde92
          oval oval:com.redhat.rhsa:tst:20192593005
        • comment libecap-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20192593006
      • AND
        • comment squid is earlier than 7:4.4-5.module+el8.0.0+4045+70edde92
          oval oval:com.redhat.rhsa:tst:20192593007
        • comment squid is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110545002
      • AND
        • comment squid-debugsource is earlier than 7:4.4-5.module+el8.0.0+4045+70edde92
          oval oval:com.redhat.rhsa:tst:20192593009
        • comment squid-debugsource is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20192593010
rhsa
id RHSA-2019:2593
released 2019-09-03
severity Important
title RHSA-2019:2593: squid:4 security update (Important)
rpms
  • libecap-0:1.0.1-2.module+el8.0.0+4045+70edde92
  • libecap-debuginfo-0:1.0.1-2.module+el8.0.0+4045+70edde92
  • libecap-debugsource-0:1.0.1-2.module+el8.0.0+4045+70edde92
  • libecap-devel-0:1.0.1-2.module+el8.0.0+4045+70edde92
  • squid-7:4.4-5.module+el8.0.0+4045+70edde92
  • squid-debuginfo-7:4.4-5.module+el8.0.0+4045+70edde92
  • squid-debugsource-7:4.4-5.module+el8.0.0+4045+70edde92
refmap via4
bid 109143
bugtraq 20190825 [SECURITY] [DSA 4507-1] squid security update
confirm
debian DSA-4507
fedora FEDORA-2019-cb50bcc189
suse
  • openSUSE-SU-2019:2540
  • openSUSE-SU-2019:2541
ubuntu USN-4065-1
Last major update 24-08-2020 - 17:37
Published 11-07-2019 - 19:15
Last modified 24-08-2020 - 17:37
Back to Top