Summary
This host is running Squid Proxy Server and is prone to Denial Of Service vulnerability.
Impact
Successful exploitation could allow remote attackers to cause a denial of service via a crafted port number values in the 'Host' header.
Solution
Upgrade to Squid Version 3.2.13 or 3.3.8 or latest or apply patch, For updates refer to http://www.squid-cache.org/Download
Insight
Error when handling port number values within the 'Host' header of HTTP requests.
Affected
Squid Version 3.2 through 3.2.12 and versions 3.3 through 3.3.7
Detection
Send crafted 'Host' header request and check is it vulnerable to DoS or not.
References
Severity
Classification
-
CVE CVE-2013-4123 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
- F-PROT AV 'ELF' Header Denial of Service Vulnerability
- Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities
- Adobe Acrobat PDF File Denial Of Service Vulnerability
- Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability