Rapid7 Vulnerability & Exploit Database

CentOS Linux: CVE-2023-50269: Important: squid security update (CESA-2024:1787)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

CentOS Linux: CVE-2023-50269: Important: squid security update (CESA-2024:1787)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
12/14/2023
Created
04/12/2024
Added
04/12/2024
Modified
04/12/2024

Description

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.

Solution(s)

  • centos-upgrade-squid
  • centos-upgrade-squid-debuginfo
  • centos-upgrade-squid-migration-script
  • centos-upgrade-squid-sysvinit

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;