CVE-2009-0801Improper Input Validation in Squid

CWE-264CWE-20Improper Input Validation10 documents6 sources
Severity
5.4MEDIUMNVD
EPSS
0.0%
top 89.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
SquidDebian SquidSquid WEB Proxy Cache
Timeline
PublishedMar 4
Latest updateMay 2

Description

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

CVSS vector

AV:N/AC:H/C:C/I:N/A:NExploitability: 4.9 | Impact: 6.9

Affected Packages3 packages

debiandebian/squid< squid 4.1-1 (bookworm)
Debiansquid/squid< 4.1-1+3
NVDsquid/squid_web_proxy_cache16 versions+15

🔴Vulnerability Details

2
GHSA
GHSA-w87g-c2c7-4fx5: Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to byp2022-05-02
OSV
CVE-2009-0801: Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to byp2009-03-04

📋Vendor Advisories

3
Red Hat
squid: Cache poisoning issue in HTTP Request handling2016-05-06
Red Hat
squid: remote bypass of access controls2009-02-23
Debian
CVE-2009-0801: squid - Squid, when transparent interception mode is enabled, uses the HTTP Host header ...2009

💬Community

4
Bugzilla
CVE-2016-4553 squid: Cache poisoning issue in HTTP Request handling2016-05-09
Bugzilla
CVE-2009-0801 squid: remote bypass of access controls [Fedora]2009-03-04
Bugzilla
CVE-2009-0801 squid: remote bypass of access controls [F9]2009-03-04
Bugzilla
CVE-2009-0801 squid: remote bypass of access controls2009-03-04