Lucene search

K

[email protected]NVD:CVE-2019-12525

HistoryJul 11, 2019 - 7:15 p.m.

CVE-2019-12525

2019-07-1119:15:13

CWE-787

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.162 Low

EPSS

Percentile

96.0%

An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token’s value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.

Affected configurations

NVD

Node

squid-cachesquidRange3.3.9–3.5.28

OR

squid-cachesquidRange4.0–4.7

Node

debiandebian_linuxMatch8.0

OR

debiandebian_linuxMatch9.0

OR

debiandebian_linuxMatch10.0

Node

opensuseleapMatch15.0

OR

opensuseleapMatch15.1

Node

fedoraprojectfedoraMatch29

Node

canonicalubuntu_linuxMatch12.04-

OR

canonicalubuntu_linuxMatch16.04esm

OR

canonicalubuntu_linuxMatch18.04lts

OR

canonicalubuntu_linuxMatch19.04

References

lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html

lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html

www.squid-cache.org/Versions/v4/changesets/

www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch

github.com/squid-cache/squid/commits/v4

lists.debian.org/debian-lts-announce/2019/07/msg00018.html

lists.debian.org/debian-lts-announce/2020/07/msg00009.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPXN2CLAGN5QSQBTOV5IGVLDOQSRFNTZ/

seclists.org/bugtraq/2019/Aug/42

usn.ubuntu.com/4065-1/

usn.ubuntu.com/4065-2/

www.debian.org/security/2019/dsa-4507

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.162 Low

EPSS

Percentile

96.0%

Related for NVD:CVE-2019-12525

debiancve1 osv6 cvelist1 veracode1 prion1 ubuntucve1 openvas18 alpinelinux1 redhatcve1 cve1 ubuntu2 nessus29 debian4 redhat2 centos1 oraclelinux4 almalinux1 rocky1 mageia2 amazon3 fedora1 altlinux2 suse2