Intrusion Prevention

Squid.Proxy.Digest.Nonce.Information.Disclosure

Description

This indicates an attempt to exploit an information disclosure vulnerability in Squid Project Squid.
A remote attacker can exploit a vulnerable Squid server by reading the Digest authentication nonce value and base64-decoding it to obtain a valid pointer. The pointer can then be used in subsequent attacks to bypass security features such as ASLR. The disclosure of the pointer is itself classified as an information disclosure vulnerability.

Affected Products

Squid Project Squid 3.x through 3.5.28
Squid Project Squid 4.x through 4.8

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
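
To prioritise the upgrade above, the following added example (not vendor or signature code) checks response headers collected from your own proxies against the affected ranges listed on this page and notes whether a Digest challenge, the header that carries the nonce, is offered. The function names and sample responses are constructed for illustration, and it assumes the proxy advertises its version in the Server or Via header.

```python
import re

# Last affected release per major line, as listed on this page
# (3.x through 3.5.28, 4.x through 4.8). Other majors are not listed here.
LAST_AFFECTED = {3: (3, 5, 28), 4: (4, 8)}

def parse_headers(raw):
    """Map lower-cased header names to value lists (status line skipped)."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def squid_version(headers):
    """Return the advertised Squid version as a tuple of ints, or None."""
    text = " ".join(headers.get("server", []) + headers.get("via", []))
    m = re.search(r"squid/(\d+(?:\.\d+)*)", text, re.I)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def is_affected(version):
    last = LAST_AFFECTED.get(version[0])
    if last is None:
        return False
    width = max(len(version), len(last))
    pad = lambda v: v + (0,) * (width - len(v))  # so 4.8 compares as 4.8.0
    return pad(version) <= pad(last)

def offers_digest(headers):
    """True if any auth challenge uses the Digest scheme (carries a nonce)."""
    challenges = headers.get("proxy-authenticate", []) + headers.get("www-authenticate", [])
    return any(re.search(r"(?:^|,\s*)digest\s", c, re.I) for c in challenges)

def triage(raw):
    headers = parse_headers(raw)
    version = squid_version(headers)
    if version is None:
        return "unknown version"
    if not is_affected(version):
        return "not in affected range"
    return "patch now" if offers_digest(headers) else "affected version, no Digest challenge seen"

# Constructed sample responses (not captured from any real host).
SAMPLE_OLD = '''HTTP/1.1 407 Proxy Authentication Required
Server: squid/4.8
Proxy-Authenticate: Digest realm="proxy.example", nonce="CONSTRUCTED", qop="auth"
'''
SAMPLE_NEW = SAMPLE_OLD.replace("squid/4.8", "squid/4.9")
```

A host that suppresses its version string returns "unknown version" and needs checking by other means, such as the installed package version.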

CVE References

CVE-2019-18679