ASA-2018-00012 – Squid: Denial of Service issue in SNMP processing

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2018-00012

Identifier(s)

ASA-2018-00012, SQUID-2018:5, CVE-2018-19132

Title

Denial of Service issue in SNMP processing

Vendor(s)

The Squid project

Product(s)

Squid

Affected version(s)

Squid 3.1.12.1 -> 3.1.23
Squid 3.2.0.4 -> 3.5.28
Squid 4.0 -> 4.3

Fixed version(s)

Squid 4.4

Proof of concept

Unknown

Description

Due to a memory leak in SNMP query rejection code, Squid is vulnerable to a denial of service attack.

This problem allows a remote attacker to consume all memory available to the Squid process, causing it to crash.

In environments where per-process memory restrictions are not enforced strictly, or configured to large values this may also affect other processes operating on the same machine. Leading to a much worse denial of service situation.

This problem is limited to Squid built with SNMP support and receiving SNMP traffic.

Technical details

Unknown

Credits

Florian Kohnhauser

Reference(s)

Squid Proxy Cache Security Update Advisory SQUID-2018:5
http://www.squid-cache.org/Advisories/SQUID-2018_5.txt

Squid Proxy multiple vulnerabilities
https://seclists.org/oss-sec/2018/q4/101

CVE-2018-19132
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19132

CVE-2018-19132
https://nvd.nist.gov/vuln/detail/CVE-2018-19132

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: February 1, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.