• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Squid Proxy SNMP ASN.1 Parser Denial Of Service Vulnerability

Squid is prone to a denial-of-service vulnerability in its SNMP ASN.1 parser. SNMP support is not enabled by default as provided by the vendor, but may be enabled by default when Squid is included as a binary application in certain unconfirmed operating systems.

This vulnerability allows remote attackers to crash affected Squid proxies with single UDP datagrams that may be spoofed. Squid will attempt to restart itself automatically, but an attacker sending repeated malicious SNMP packets can effectively deny service to legitimate users.

Squid 2.5-STABLE6 and earlier, as well as 3.0-PRE3-20040702, are reported vulnerable.