logo
DATABASE RESOURCES PRICING ABOUT US

Arbitrary Code Execution

Description

squid3 is vulnerable to arbitrary code execution. The vulnerability exists as squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer, that allows encoded URLs to bypass the `url_regex` check.


Affected Software


CPE Name Name Version
squid3:bionic 3.5.27-1ubuntu1
squid3:stretch 3.5.23-5+deb9u1

Related