CVE-2018-1000027

EUVD-2018-1788

09.02.2018, 23:29

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 98%

Affected Products (NVD)

Vendor	Product	Version
squid-cache	squid	𝑥 < 4.0.23
debian	debian_linux	7.0
debian	debian_linux	8.0
debian	debian_linux	9.0
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	16.04
canonical	ubuntu_linux	17.10

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

squid

bookworm	5.7-2+deb12u2 fixed
bookworm (security)	5.7-2+deb12u2 fixed
bullseye	4.13-10+deb11u3 fixed
bullseye (security)	4.13-10+deb11u3 fixed
sid	6.12-1 fixed
trixie	6.12-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

squid3

artful	Fixed 3.5.23-5ubuntu1.1 released
bionic	Fixed 3.5.23-5ubuntu2 released
cosmic	dne
disco	dne
trusty	Fixed 3.3.8-1ubuntu6.11 released
xenial	Fixed 3.5.12-1ubuntu7.5 released