CVE-2020-11945 — Integer Overflow or Wraparound in Squid
Severity
9.8CRITICALNVD
EPSS
28.5%
top 3.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 23
Latest updateMay 24
Description
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials).
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages3 packages
Also affects: Debian Linux 10.0, 9.0, Fedora 30, 31, 32, Ubuntu Linux 16.04, 18.04, 19.10, 20.04
Patches
🔴Vulnerability Details
3📋Vendor Advisories
3💬Community
2Bugzilla▶
CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution [fedora-all]↗2020-04-24
Bugzilla▶
CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution↗2020-04-24