Squid proxy & reverse proxy users, stay alert! CVE-2019-12527, CVE-2019-12525 & CVE-2019-12529 (Jul 2019)

Differences Between Forward Proxy and Reverse Proxy: The main difference between the two is that a forward proxy is used by the client, such as a web browser, whereas a reverse proxy is used by the server, such as a web server. A forward proxy can reside in the same internal network as the client, or it can be on the Internet.

About Squid: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages.

Security Focus: CVE-2019-12527 Squid HttpHeader::getAuth Basic Authentication Heap-Based Buffer Overflow Vulnerability – The developer points out that there is a design limitation in the Auth function of the HTTP header code, so modifying the source files remediates this problem. We quote only part of the signature here. For instance:

Remove:

const char *
HttpHeader::getAuth(Http::HdrType id

Append the following:

SBuf
HttpHeader::getAuthToken(Http::HdrType id

In addition, the remediation for CVE-2019-12525 replaces the fixed-size buffer used for decoding base64 tokens with an SBuf, which avoids decoder issues on large inputs.
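The shape of that fix, as an added C++ example (not Squid's code and not taken from the patch): the decoder writes into a buffer that grows with the input instead of a fixed-size array. `kFixedBufSize`, `decodedBound`, `exceedsFixedBuffer` and `decodeAuthToken` are hypothetical names, the 64-byte size is a constructed value, and `std::string` stands in for Squid's `SBuf`.

```cpp
#include <cstddef>
#include <string>

// Hypothetical capacity standing in for a fixed-size decode buffer.
constexpr std::size_t kFixedBufSize = 64;

// Upper bound on decoded bytes for n base64 characters (3 bytes per 4 chars).
constexpr std::size_t decodedBound(std::size_t n) { return (n / 4 + 1) * 3; }

// True when the token could decode to more bytes than the fixed buffer holds:
// the large-input case the fix addresses.
bool exceedsFixedBuffer(const std::string &token) {
    return decodedBound(token.size()) > kFixedBufSize;
}

static int b64Value(unsigned char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

// Hardened shape: the output is sized from the input, and malformed input is
// rejected instead of being copied anywhere.
bool decodeAuthToken(const std::string &token, std::string &out) {
    out.clear();
    out.reserve(decodedBound(token.size()));
    unsigned acc = 0;
    int bits = 0;
    std::size_t i = 0;
    for (; i < token.size() && token[i] != '='; ++i) {
        const int v = b64Value(static_cast<unsigned char>(token[i]));
        if (v < 0) return false;            // not a base64 character
        acc = (acc << 6) | static_cast<unsigned>(v);
        bits += 6;
        if (bits >= 8) {                    // a full byte is available
            bits -= 8;
            out.push_back(static_cast<char>((acc >> bits) & 0xFF));
        }
    }
    for (; i < token.size(); ++i)
        if (token[i] != '=') return false;  // data after padding
    return true;
}
```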

Squid has released a software patch to end users – http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch
