Squid.Proxy.HTTP.Range.Header.Handling.DoS
Description
This indicates an attack attempt to exploit a Denial of Service Vulnerability in Squid Project Squid.
The vulnerabilities are due to invalid processing of HTTP Range requests. A remote attacker could exploit these vulnerabilities by sending a crafted request to the target server. Successful exploitation could result in a denial-of-service condition.
Affected Products
Squid Project Squid 4.x prior to 4.15
Squid Project Squid 5.x prior to 5.0.6
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2022-01-17 | 19.242 | Sig Added |
2021-12-07 | 19.211 | Default_action:pass:drop |
2021-12-07 | 19.210 | Default_action:drop:pass |
2021-12-07 | 19.209 | Default_action:pass:drop |
2021-11-29 | 18.204 |