Summary
This host is running Squid Proxy Server and is prone to Denial Of Service vulnerability.
Impact
Successful exploitation could allow remote attackers to cause a denial of service via a crafted port number values in the 'Host' header.
Solution
Upgrade to Squid Version 3.2.13 or 3.3.8 or latest or apply patch, For updates refer to http://www.squid-cache.org/Download
Insight
Error when handling port number values within the 'Host' header of HTTP requests.
Affected
Squid Version 3.2 through 3.2.12 and versions 3.3 through 3.3.7
Detection
Send crafted 'Host' header request and check is it vulnerable to DoS or not.
References
Severity
Classification
-
CVE CVE-2013-4123 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities
- Adobe Flash Media Server XML Data Remote Denial of Service Vulnerability
- Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
- Comodo Internet Security Denial of Service Vulnerability-04
- Apple Safari Nested 'object' Tag Remote Denial Of Service vulnerability