oss-sec mailing list archives
Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.
From: Joshua Rogers <megamansec () gmail com>
Date: Fri, 13 Oct 2023 20:23:36 +0200
Hi Amos, oss-security, I've added GHSA-543m-w2m2-g255 and CVE-2021-46784 for 'Cache Poisoning by Large Stored Response Headers (With Bonus XSS)' and 'Assertion in Gopher Response Handling' respectively: GHSA-543m-w2m2-g255 and CVE-2021-46784 However, for "Gopher Assertion Crash", GHSA-f5cp-6rh3-284w does not apply. "Gopher Assertion Crash" concerns an assertion "assertion failed: store.cc:832: "store_status == STORE_PENDING"" while GHSA-f5cp-6rh3-284w concerns an assertion: "assertion failed: String.cc:172: "canGrowBy(len)"" To the best of my knowledge the former (without a current GHSA or CVE) is unfixed. Cheers, Josh On Fri, Oct 13, 2023 at 3:54 AM Amos Jeffries <squid3 () treenet co nz> wrote:
Some reference updates. On 11/10/23 20:55, Joshua Rogers wrote:The issues are listed below. Due to the sheer size of issues discovered, technical details are not included in this email. However, breakdowns of the code and proof-of-concepts can be found on GitHub: https://megamansec.github.io/Squid-Security-Audit/Cache Poisoning by Large Stored Response Headers (With Bonus XSS)... GHSA-543m-w2m2-g255Gopher Assertion Crash... GHSA-f5cp-6rh3-284wAssertion in Gopher Response Handling... CVE-2021-46784 / GHSA-f5cp-6rh3-284w AYJ
Current thread:
- Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. Joshua Rogers (Oct 11)
- Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. Amos Jeffries (Oct 13)
- Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. Joshua Rogers (Oct 13)
- Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. Joshua Rogers (Oct 21)
- Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. Joshua Rogers (Oct 13)
- Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. Amos Jeffries (Oct 13)