Squid.Squoison.Host.Header.Cache.Poisoning

description-logoDescription

This indicates an attempt to exploit a Cache Poisoning vulnerability in Squid.
The vulnerability is due to improper checking of Host header against the URI in the HTTP request. By sending a crafted HTTP request to the attacker controlled website, an attacker can poison Squid proxy's cache with arbitrary content.

affected-products-logoAffected Products

Squid Project Squid 3.5.12

Impact logoImpact

System compromise: attackers can poison Squid proxy's cache with arbitrary content.

recomended-action-logoRecommended Actions

Upgrade to the latest version, available from the website.
http://www.squid-cache.org/Advisories/SQUID-2016_7.txt

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-10 14.629 Severity:medium:high
2019-01-17 14.526 Sig Added