cbcvebase.
CVE-2014-7142
published 2014-11-26

CVE-2014-7142: The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2)…

PriorityP337medium6.4CVSS 2.0
AVNACLAuNCPINAP
EPSS
24.93%
97.6th percentile
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

Affected

88 ranges· showing 25
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
debiansquid< squid 4.1-1 (bookworm)squid 4.1-1 (bookworm)
oraclesolaris
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid
squid-cachesquid

Detection & IOCsextracted from sources · hover to see the quote

  • Target the Squid 'pinger' subprocess specifically — the vulnerability exists only in the pinger program (not the main squid process), triggered by crafted ICMP or ICMPv6 packets with malformed packet size fields.
  • The root cause is an integer underflow when computing the size of the ICMP reply data (preply.psize), leading to an attempt to copy a very large amount of data and crashing the pinger process. Detection should focus on anomalously sized ICMP reply packets sent to a Squid host.
  • CVE-2014-7142 only affects ICMP (v4) handling in the pinger; ICMPv6 had a similar but separately patched check. Monitor for unexpected crashes of the pinger subprocess on Squid 3.x < 3.4.8 hosts.
  • The fix was introduced in upstream Squid revision 13583 (Launchpad bazaar). Verify patched deployments by confirming Squid version >= 3.4.8 or the presence of this commit.
  • The pinger binary is setuid root; a successful exploit of the integer underflow may also leak sensitive heap data into Squid log files, so review Squid logs for unexpected binary/heap content following ICMP traffic anomalies.
  • ·The vulnerable 'pinger' binary is NOT built or shipped in Red Hat Enterprise Linux 5, 6, or 7 packages, nor in Fedora squid packages — these platforms are not affected even though the vulnerable source code is present.
  • ·The vulnerability only affects Squid 3.x; Squid 2.x is not affected by CVE-2014-7142 (though it has a related ICMPv4 array overread issue tracked separately).
  • ·A crash caused by this CVE only affects the external pinger subprocess, not the main Squid process, limiting the direct availability impact to the pinger component.

CVSS provenance

nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:P
osv6.4MEDIUM
vendor_debian6.4MEDIUM
vendor_redhat6.4MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.