CVE-2018-1000027

high-risk

Published 2018-02-09

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.

Do I need to act?

66.0% chance of exploitation in next 30 days

EPSS score — higher than 34% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (7)

Squid

Debian Linux

Ubuntu Linux

Affected Vendors

Debian Canonical Squid-Cache

References (18)

Patch http://www.squid-cache.org/Advisories/SQUID-2018_2.txt

Patch http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch

Patch http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch

Third Party Advisory https://github.com/squid-cache/squid/pull/129/files

Mailing List https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html

Mailing List https://lists.debian.org/debian-lts-announce/2018/02/msg00002.html

Third Party Advisory https://usn.ubuntu.com/3557-1/

https://usn.ubuntu.com/4059-2/

Third Party Advisory https://www.debian.org/security/2018/dsa-4122