Intrusion Prevention

Squid.Proxy.HTTP.Request.Processing.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in Squid Project Squid.
The vulnerability is due to insufficient handling of crafted HTTP requests. A remote attacker can exploit this vulnerability by sending crafted requests to the target server. Successful exploitation could result in the execution of arbitrary code under the low-privilege level of the proxy.

Affected Products

Squid Project Squid 2.x through 2.7.STABLE9
Squid Project Squid 3.x through 3.5.28
Squid Project Squid 4.x prior to 4.10

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.squid-cache.org/Advisories/SQUID-2020_1.txt

CVE References

CVE-2020-8450