Summary
This host is running Squid Proxy Server and is prone to Denial Of Service vulnerability.
Impact
Successful exploitation could allow remote attackers to cause a denial of service via a crafted port number values in the 'Host' header.
Solution
Upgrade to Squid Version 3.2.13 or 3.3.8 or latest or apply patch, For updates refer to http://www.squid-cache.org/Download
Insight
Error when handling port number values within the 'Host' header of HTTP requests.
Affected
Squid Version 3.2 through 3.2.12 and versions 3.3 through 3.3.7
Detection
Send crafted 'Host' header request and check is it vulnerable to DoS or not.
References
Severity
Classification
-
CVE CVE-2013-4123 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial of Service Vulnerability
- Dell OpenManage Web Server <= 3.7.1
- Apple Safari Nested 'object' Tag Remote Denial Of Service vulnerability
- Dopewars Server 'REQUESTJET' Message Remote Denial of Service Vulnerability
- ClamAV Invalid Memory Access Denial Of Service Vulnerability