Candidate: CVE-2012-2213
PublicDate: 2012-04-28
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2213
http://archives.neohapsis.com/archives/bugtraq/2012-04/0165.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0163.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0146.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0140.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0131.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0117.html
Description:
** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the access
configuration for the CONNECT method by providing an arbitrary allowed
hostname in the Host HTTP header. NOTE: this issue might not be
reproducible, because the researcher is unable to provide a squid.conf file
for a vulnerable system, and the observed behavior is consistent with a
squid.conf file that was (perhaps inadvertently) designed to allow access
based on a "req_header Host" acl regex that matches www.uol.com.br.
Ubuntu-Description:
Notes:
mdeslaur> Need to check, see reproducer in original post
sbeattie> dropping to low, as it requires a specific configuration
sbeattie> using Host header filtering
sbeattie> also, upstream does not have a fix for this.
sarnold> still unable to find a configuration that could demonstrate the
sarnold> problem; as of 2013-01-28, no fix from upstream either.
mdeslaur> Disputed, so ignored.
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_squid:
upstream_squid: needs-triage
hardy_squid: ignored (reached end-of-life)
lucid_squid: ignored (reached end-of-life)
natty_squid: ignored (reached end-of-life)
oneiric_squid: ignored (reached end-of-life)
precise_squid: DNE
quantal_squid: DNE
raring_squid: DNE
devel_squid: DNE
Patches_squid3:
upstream_squid3: needs-triage
hardy_squid3: ignored (reached end-of-life)
lucid_squid3: ignored (reached end-of-life)
natty_squid3: ignored (reached end-of-life)
oneiric_squid3: ignored (reached end-of-life)
precise_squid3: ignored
quantal_squid3: ignored
raring_squid3: ignored
devel_squid3: ignored
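The dispute above turns on whether the deployed squid.conf granted access from a "req_header Host" ACL, so the practical check is to audit a configuration for exactly that pattern. The script below is an added example, not Squid project code and not the reporter's reproducer: it embeds two constructed squid.conf fragments (the ACL names uol_host and uol_dst and the port lists are assumed, not taken from any real deployment), one that keys an http_access allow rule on the client-supplied Host header and one that keys it on the CONNECT request's destination with dstdomain, and a small auditor that reports any req_header Host ACL referenced by an http_access allow rule.

```shell
#!/bin/sh
# Added example (not Squid's own code): audit a squid.conf for access rules
# that trust the client-supplied Host header instead of the real destination.

SAMPLE_DIR=$(mktemp -d)
WEAK_CONF="$SAMPLE_DIR/weak.conf"
FIXED_CONF="$SAMPLE_DIR/fixed.conf"

# Constructed weak configuration. Because "http_access allow uol_host" is
# evaluated before the CONNECT restriction, a request such as
#   CONNECT attacker.example:22 HTTP/1.1
#   Host: www.uol.com.br
# is allowed: the Host header is attacker-chosen and unrelated to the
# CONNECT target. This matches the behaviour the CVE description attributes
# to a "req_header Host" ACL regex.
cat > "$WEAK_CONF" <<'EOF'
acl SSL_ports port 443
acl Safe_ports port 80 443
acl CONNECT method CONNECT
acl uol_host req_header Host www\.uol\.com\.br
http_access allow uol_host
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
EOF

# Constructed corrected configuration: dstdomain matches the destination in
# the request target (for CONNECT, the host:port authority), and the CONNECT
# port restriction is evaluated before any allow rule.
cat > "$FIXED_CONF" <<'EOF'
acl SSL_ports port 443
acl Safe_ports port 80 443
acl CONNECT method CONNECT
acl uol_dst dstdomain www.uol.com.br
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow uol_dst
http_access deny all
EOF

# Prints, one per line, the names of req_header ACLs keyed on the Host
# header that are referenced (non-negated) by an "http_access allow" rule.
# Prints nothing when the configuration has no such rule.
find_host_header_allow_acls() {
    conf="$1"
    # Strip comments, then collect ACLs of type req_header on the Host header
    # (header names are case-insensitive, and "-i" may follow the header name).
    names=$(sed 's/#.*//' "$conf" \
        | awk '$1 == "acl" && $3 == "req_header" && tolower($4) == "host" { print $2 }' \
        | sort -u)
    for name in $names; do
        if sed 's/#.*//' "$conf" \
            | awk -v n="$name" '$1 == "http_access" && $2 == "allow" {
                  for (i = 3; i <= NF; i++) if ($i == n) { print; exit } }' \
            | grep -q .; then
            echo "$name"
        fi
    done
}

for conf in "$WEAK_CONF" "$FIXED_CONF"; do
    weak=$(find_host_header_allow_acls "$conf")
    if [ -n "$weak" ]; then
        printf '%s: WEAK, Host-header ACL(s) used in an allow rule: %s\n' "$conf" "$weak"
    else
        printf '%s: no Host-header ACL used in an allow rule\n' "$conf"
    fi
done
```

Run it against a real file with `find_host_header_allow_acls /etc/squid/squid.conf`; any name it prints is an ACL whose match is controlled entirely by the client. Note also that the regex in the weak fragment is unanchored, so it would match any Host value that merely contains www.uol.com.br, which is a second reason to key on dstdomain rather than on a header regex.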