Intrusion Prevention

Squid.Squoison.Host.Header.Cache.Poisoning

Description

This indicates an attempt to exploit a Cache Poisoning vulnerability in Squid.
The vulnerability is due to improper checking of Host header against the URI in the HTTP request. By sending a crafted HTTP request to the attacker controlled website, an attacker can poison Squid proxy's cache with arbitrary content.

Affected Products

Squid Project Squid 3.5.12

Impact

System compromise: attackers can poison Squid proxy's cache with arbitrary content.

Recommended Actions

Upgrade to the latest version, available from the website.
http://www.squid-cache.org/Advisories/SQUID-2016_7.txt

CVE References

CVE-2016-4553