National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2009-2855 Detail

Description

The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.

Source:  MITRE      Last Modified:  08/18/2009

Quick Info

CVE Dictionary Entry:
CVE-2009-2855
Original release date:
08/18/2009
Last revised:
09/18/2017
Source:
US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:
5.0 MEDIUM
Vector:
(AV:N/AC:L/Au:N/C:N/I:N/A:P) (legend)
Impact Subscore:
2.9
Exploitability Subscore:
10.0
CVSS Version 2 Metrics:
Access Vector:
Network exploitable
Access Complexity:
Low
Authentication:
Not required to exploit
Impact Type:
Allows disruption of service

Vendor Statements (disclaimer)

Official Statement from Red Hat (03/31/2010)

This issue did not affect the versions of the squid packages, as shipped with Red Hat Enterprise Linux 3 and 4. The issue was addressed in the squid packages as shipped with Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2010-0221.html

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534982 External Source CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534982
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=31;filename=diff;att=1;bug=534982 External Source MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=31;filename=diff;att=1;bug=534982
http://www.openwall.com/lists/oss-security/2009/07/20/10 External Source MLIST [oss-security] 20090720 squid DoS in external auth header parser
http://www.openwall.com/lists/oss-security/2009/08/03/3 External Source MLIST [oss-security] 20090803 Re: squid DoS in external auth header parser
http://www.openwall.com/lists/oss-security/2009/08/04/6 External Source MLIST [oss-security] 20090804 Re: squid DoS in external auth header parser
http://www.securityfocus.com/bid/36091 External Source BID 36091
http://www.securitytracker.com/id?1022757 External Source SECTRACK 1022757
http://www.squid-cache.org/bugs/show_bug.cgi?id=2541 External Source CONFIRM http://www.squid-cache.org/bugs/show_bug.cgi?id=2541
http://www.squid-cache.org/bugs/show_bug.cgi?id=2704 Vendor Advisory External Source MISC http://www.squid-cache.org/bugs/show_bug.cgi?id=2704
https://bugzilla.redhat.com/show_bug.cgi?id=518182 External Source CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=518182
https://exchange.xforce.ibmcloud.com/vulnerabilities/52610 External Source XF squid-strlistgetitem-dos(52610)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10592 External Source OVAL oval:org.mitre.oval:def:10592

References to Check Content

Identifier:
oval:org.mitre.oval:def:10592
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10592

Technical Details

Vulnerability Type (View All)

Change History 3 change records found - show changes