ID CVE-2007-1560 Type cve Reporter NVD Modified 2017-10-10T21:31:53
Description
The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.
{"result": {"gentoo": [{"id": "GLSA-200703-27", "type": "gentoo", "title": "Squid: Denial of Service", "description": "### Background\n\nSquid is a multi-protocol proxy server. \n\n### Description\n\nSquid incorrectly handles TRACE requests that contain a \"Max-Forwards\" header field with value \"0\" in the clientProcessRequest() function. \n\n### Impact\n\nA remote attacker can send specially crafted TRACE HTTP requests that will terminate the child process. A quickly repeated attack will lead to a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Squid users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-proxy/squid-2.6.12\"", "published": "2007-03-31T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/200703-27", "cvelist": ["CVE-2007-1560"], "lastseen": "2016-09-06T19:46:30"}], "openvas": [{"id": "OPENVAS:830006", "type": "openvas", "title": "Mandriva Update for squid MDKSA-2007:068 (squid)", "description": "Check for the Version of squid", "published": "2009-04-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=830006", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-07-24T12:56:17"}, {"id": "OPENVAS:1361412562310830006", "type": "openvas", "title": "Mandriva Update for squid MDKSA-2007:068 (squid)", "description": "Check for the Version of squid", "published": "2009-04-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830006", "cvelist": ["CVE-2007-1560"], "lastseen": "2018-04-09T11:39:11"}, {"id": "OPENVAS:136141256231080017", "type": "openvas", "title": "Squid < 2.6.STABLE12 Denial-of-Service Vulnerability", "description": "A vulnerability in TRACE request processing has been reported in Squid,\n which can be exploited by malicious people to cause a denial of service.", "published": "2008-10-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231080017", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-08-28T11:20:42"}, {"id": "OPENVAS:58868", "type": "openvas", "title": "FreeBSD Ports: squid", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=58868", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-07-02T21:10:11"}, {"id": "OPENVAS:58186", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200703-27 (squid)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200703-27.", "published": "2008-09-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=58186", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-07-24T12:50:13"}, {"id": "OPENVAS:840136", "type": "openvas", "title": "Ubuntu Update for squid vulnerability USN-441-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-441-1", "published": "2009-03-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840136", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-12-04T11:28:41"}, {"id": "OPENVAS:1361412562310122686", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2007-0131", "description": "Oracle Linux Local Security Checks ELSA-2007-0131", "published": "2015-10-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122686", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-07-24T12:53:11"}], "redhat": [{"id": "RHSA-2007:0131", "type": "redhat", "title": "(RHSA-2007:0131) Moderate: squid security update", "description": "Squid is a high-performance proxy caching server for Web clients,\r\nsupporting FTP, gopher, and HTTP data objects.\r\n\r\nA denial of service flaw was found in the way Squid processed the TRACE\r\nrequest method. It was possible for an attacker behind the Squid proxy\r\nto issue a malformed TRACE request, crashing the Squid daemon child\r\nprocess. As long as these requests were sent, it would prevent\r\nlegitimate usage of the proxy server. (CVE-2007-1560)\r\n\r\nThis flaw does not affect the version of Squid shipped in Red Hat\r\nEnterprise Linux 2.1, 3, or 4.\r\n\r\nUsers of Squid should upgrade to this updated package, which contains a\r\nbackported patch and is not vulnerable to this issue.", "published": "2007-04-03T04:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2007:0131", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-09-09T07:19:36"}], "oraclelinux": [{"id": "ELSA-2007-0131", "type": "oraclelinux", "title": "Moderate: squid security update ", "description": " [2.6.STABLE6-4]\n - Resolves: rhbz#233253 - CVE-2007-1560 Squid TRACE DoS ", "published": "2007-06-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2007-0131.html", "cvelist": ["CVE-2007-1560"], "lastseen": "2016-09-04T11:16:23"}], "nessus": [{"id": "UBUNTU_USN-441-1.NASL", "type": "nessus", "title": "Ubuntu 6.10 : squid vulnerability (USN-441-1)", "description": "A flaw was discovered in Squid's handling of the TRACE request method which could lead to a crash. Remote attackers with access to the Squid server could send malicious TRACE requests, and cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2007-11-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=28038", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-10-29T13:35:03"}, {"id": "FREEBSD_PKG_C27BC173D7AA11DBB1410016179B2DD5.NASL", "type": "nessus", "title": "FreeBSD : Squid -- TRACE method handling denial of service (c27bc173-d7aa-11db-b141-0016179b2dd5)", "description": "Squid advisory 2007:1 notes :\n\nDue to an internal error Squid-2.6 is vulnerable to a denial of service attack when processing the TRACE request method.\n\nWorkarounds :\n\nTo work around the problem deny access to using the TRACE method by inserting the following two lines before your first http_access rule.\n\nacl TRACE method TRACE\n\nhttp_access deny TRACE", "published": "2007-03-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=24886", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-10-29T13:44:40"}, {"id": "GENTOO_GLSA-200703-27.NASL", "type": "nessus", "title": "GLSA-200703-27 : Squid: Denial of Service", "description": "The remote host is affected by the vulnerability described in GLSA-200703-27 (Squid: Denial of Service)\n\n Squid incorrectly handles TRACE requests that contain a 'Max-Forwards' header field with value '0' in the clientProcessRequest() function.\n Impact :\n\n A remote attacker can send specially crafted TRACE HTTP requests that will terminate the child process. A quickly repeated attack will lead to a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "published": "2007-04-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=24932", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-10-29T13:36:57"}, {"id": "SUSE_SQUID-3036.NASL", "type": "nessus", "title": "openSUSE 10 Security Update : squid (squid-3036)", "description": "This update fixes a remote denial of service problem in Squid 2.6 (CVE-2007-1560).\n\nOther Squid versions are not affected.", "published": "2007-10-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=27453", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-10-29T13:38:41"}, {"id": "REDHAT-RHSA-2007-0131.NASL", "type": "nessus", "title": "RHEL 5 : squid (RHSA-2007:0131)", "description": "An updated squid package that fixes a security vulnerability is now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSquid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed the TRACE request method. It was possible for an attacker behind the Squid proxy to issue a malformed TRACE request, crashing the Squid daemon child process. As long as these requests were sent, it would prevent legitimate usage of the proxy server. (CVE-2007-1560)\n\nThis flaw does not affect the version of Squid shipped in Red Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of Squid should upgrade to this updated package, which contains a backported patch and is not vulnerable to this issue.", "published": "2007-05-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=25323", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-10-29T13:37:13"}, {"id": "SQUID_2612.NASL", "type": "nessus", "title": "Squid < 2.6.STABLE12 src/client_side.c clientProcessRequest() function TRACE Request DoS", "description": "A vulnerability in TRACE request processing has been reported in Squid, which can be exploited by malicious people to cause a denial of service.", "published": "2007-03-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=24873", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-10-29T13:38:45"}, {"id": "ORACLELINUX_ELSA-2007-0131.NASL", "type": "nessus", "title": "Oracle Linux 5 : squid (ELSA-2007-0131)", "description": "From Red Hat Security Advisory 2007:0131 :\n\nAn updated squid package that fixes a security vulnerability is now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSquid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way Squid processed the TRACE request method. It was possible for an attacker behind the Squid proxy to issue a malformed TRACE request, crashing the Squid daemon child process. As long as these requests were sent, it would prevent legitimate usage of the proxy server. (CVE-2007-1560)\n\nThis flaw does not affect the version of Squid shipped in Red Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of Squid should upgrade to this updated package, which contains a backported patch and is not vulnerable to this issue.", "published": "2013-07-12T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67467", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-10-29T13:34:28"}, {"id": "MANDRAKE_MDKSA-2007-068.NASL", "type": "nessus", "title": "Mandrake Linux Security Advisory : squid (MDKSA-2007:068)", "description": "Due to an internal error Squid-2.6 is vulnerable to a denial of service attack when processing the TRACE request method. This problem allows any client trusted to use the service to perform a denial of service attack on the Squid service.\n\nUpdated packages have been patched to address this issue.", "published": "2007-03-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=24894", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-10-29T13:33:58"}], "ubuntu": [{"id": "USN-441-1", "type": "ubuntu", "title": "Squid vulnerability", "description": "A flaw was discovered in Squid\u2019s handling of the TRACE request method which could lead to a crash. Remote attackers with access to the Squid server could send malicious TRACE requests, and cause a denial of service.", "published": "2007-03-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/441-1/", "cvelist": ["CVE-2007-1560"], "lastseen": "2018-03-29T18:21:05"}], "freebsd": [{"id": "C27BC173-D7AA-11DB-B141-0016179B2DD5", "type": "freebsd", "title": "Squid -- TRACE method handling denial of service", "description": "\nSquid advisory 2007:1 notes:\n\nDue to an internal error Squid-2.6 is vulnerable to a denial of\n\t service attack when processing the TRACE request method.\nWorkarounds:\nTo work around the problem deny access to using the TRACE method by\n\t inserting the following two lines before your first http_access\n\t rule.\nacl TRACE method TRACE\nhttp_access deny TRACE\n\n", "published": "2007-03-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/c27bc173-d7aa-11db-b141-0016179b2dd5.html", "cvelist": ["CVE-2007-1560"], "lastseen": "2016-09-26T17:25:02"}], "osvdb": [{"id": "OSVDB:34367", "type": "osvdb", "title": "Squid src/client_side.c clientProcessRequest() function TRACE Request DoS", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.squid-cache.org/Versions/v2/2.6/changesets/11349.patch\n[Vendor Specific Advisory URL](http://www.squid-cache.org/Advisories/SQUID-2007_1.txt)\nSecurity Tracker: 1017805\n[Secunia Advisory ID:24737](https://secuniaresearch.flexerasoftware.com/advisories/24737/)\n[Secunia Advisory ID:24625](https://secuniaresearch.flexerasoftware.com/advisories/24625/)\n[Secunia Advisory ID:24911](https://secuniaresearch.flexerasoftware.com/advisories/24911/)\n[Secunia Advisory ID:24611](https://secuniaresearch.flexerasoftware.com/advisories/24611/)\n[Secunia Advisory ID:24614](https://secuniaresearch.flexerasoftware.com/advisories/24614/)\n[Secunia Advisory ID:24662](https://secuniaresearch.flexerasoftware.com/advisories/24662/)\nRedHat RHSA: RHSA-2007:0131\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200703-27.xml\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200703-27.xml\nOther Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:068\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Mar/0009.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:068\nOther Advisory URL: http://www.ubuntu.com/usn/usn-441-1\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2007_5_sr.html\nISS X-Force ID: 33124\nFrSIRT Advisory: ADV-2007-1035\n[CVE-2007-1560](https://vulners.com/cve/CVE-2007-1560)\n", "published": "2007-03-20T09:34:12", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:34367", "cvelist": ["CVE-2007-1560"], "lastseen": "2017-04-28T13:20:30"}]}}
