Rapid7 Vulnerability & Exploit Database

Squid Cache SNMP Denial of Service Vulnerability

Back to Search

Squid Cache SNMP Denial of Service Vulnerability

Severity
3
CVSS
(AV:N/AC:H/Au:N/C:N/I:N/A:P)
Published
02/13/2002
Created
07/25/2018
Added
11/01/2004
Modified
12/04/2013

Description

A number of problems exist in the Squid proxy server's SNMP implementation.

It is possible for remote attackers to cause the process to consume all allowable resources or crash entirely. If resource limits have not been set on the Squid process, the performance of the entire system may be degraded.

To exploit this vulnerability, the Squid SNMP interface must be enabled and the attacker must be able to send traffic to the SNMP port. SNMP support in Squid is disabled by default.

Solution(s)

  • squid-upgrade-2_4_STABLE4

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;