Squid.Proxy.WCCP.RecvFrom.Buffer.Overflow
Description
It indicates an attacker attempted a Buffer Overflow attack against the Squid Proxy server.
The Squid Proxy server is vulnerable to a Buffer Overflow when receiving Web Cache Communication Protocol (WCCP) packets. The recvfrom() method is passed an incorrect value for the "len" argument which can lead to arbitrary code execution.
Affected Products
Squid Web Proxy Cache 2.5.STABLE7 and earlier versions are affected.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |