Rapid7 Vulnerability & Exploit Database

RHSA-2001:097: New squid packages for Red Hat Linux 7.0


Severity: 8
CVSS: AV:N/AC:L/Au:N/C:P/I:P/A:P (CVSS v2 vector)
Published: 07/12/2001
Created: 07/25/2018
Added: 10/28/2005
Modified: 07/04/2017

Description

New squid packages are available for Red Hat Linux 7.0 that fix a possible security problem with Squid's HTTP accelerator feature. If Squid was configured in accelerator-only mode, remote users could port-scan other machines through the Squid proxy, potentially reaching hosts that are not otherwise accessible to them. Users who run Squid in accelerator-only mode are advised to update to the fixed packages. Red Hat Linux 7.1 is not affected by this vulnerability, nor are releases prior to Red Hat Linux 7.0.

If Squid is configured with 'httpd_accel_host <some hostname>' and 'httpd_accel_with_proxy off', access control lists are not enabled: the http_access rules are never applied to incoming requests, so a 'deny all' rule gives no protection in this mode. Any remote user could therefore use the Squid server to reach other sites, including ones they could not reach directly. Thanks go to Paul Nasrat <pnasrat@uk.now.com> for notifying us of this vulnerability and to the Squid team for providing the patch.
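The following is an added example, not code from the advisory or from the Squid project. It shows two checks a practitioner would want around this advisory: an audit of a Squid 2.x-style squid.conf for the directive combination named above ('httpd_accel_host' set together with 'httpd_accel_with_proxy off'), and a pass over Squid native-format access.log lines that flags requests whose destination is not the accelerated origin, which is what a port scan or open-proxy abuse through an accelerator-only Squid looks like in the logs. The directive names come from the advisory; the sample configurations, the sample log lines, the function names, and the assumption that Squid 2.x defaults httpd_accel_with_proxy to off are all constructed for illustration.

```python
"""Added example for RHSA-2001:097 (not the advisory's or Squid's own code):
audit a Squid 2.x squid.conf for accelerator-only mode and flag access.log
requests that leave the accelerated origin. Sample data is constructed."""
from urllib.parse import urlsplit

# Constructed squid.conf with the exposed combination from the advisory. On an
# unpatched Squid the http_access rules are never consulted in this mode.
VULNERABLE_CONF = """\
http_port 80
httpd_accel_host www.example.internal
httpd_accel_port 80
httpd_accel_with_proxy off
acl all src 0.0.0.0/0.0.0.0
http_access deny all
"""

# Constructed fragment with proxying left on; the advisory does not name this
# mode as affected.
NOT_ACCEL_ONLY_CONF = """\
http_port 3128
httpd_accel_host www.example.internal
httpd_accel_port 80
httpd_accel_with_proxy on
acl localnet src 10.0.0.0/255.0.0.0
http_access allow localnet
http_access deny all
"""


def parse_squid_conf(text):
    """Map each directive to its argument lists in file order; skip comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            name, *args = line.split()
            conf.setdefault(name, []).append(args)
    return conf


def is_accel_only(conf):
    """True for the advisory's combination: httpd_accel_host set and
    httpd_accel_with_proxy off. Assumption: Squid 2.x defaults that directive
    to off, so an absent directive counts as off."""
    hosts = conf.get("httpd_accel_host")
    if not hosts or not hosts[-1]:
        return False
    with_proxy = conf.get("httpd_accel_with_proxy", [["off"]])[-1]
    return bool(with_proxy) and with_proxy[0].lower() == "off"


def audit(conf_text):
    """Return a list of findings for one squid.conf."""
    conf = parse_squid_conf(conf_text)
    findings = []
    if is_accel_only(conf):
        findings.append("accelerator-only mode: unpatched Squid skips ACLs, "
                        "apply the RHSA-2001:097 update")
        # After the update, http_access is what confines clients to the origin,
        # so the rule set should still end in an explicit deny.
        rules = conf.get("http_access", [])
        if not rules or [a.lower() for a in rules[-1]] != ["deny", "all"]:
            findings.append("http_access does not end with 'deny all'")
    return findings


# Constructed Squid native access.log lines (fields: time elapsed client
# result bytes method url ident hierarchy type): one legitimate request, then a
# client walking ports on an internal host and reaching a second internal site.
# Squid's error page for a refused connection differs from a completed one,
# which is what a scanner running through the proxy reads.
SAMPLE_LOG = [
    "994291200.101 12 203.0.113.7 TCP_MISS/200 2048 GET http://www.example.internal/ - DIRECT/www.example.internal text/html",
    "994291201.220 5 203.0.113.7 TCP_MISS/503 1210 GET http://192.168.1.10:22/ - DIRECT/192.168.1.10 text/html",
    "994291201.480 4 203.0.113.7 TCP_MISS/503 1210 GET http://192.168.1.10:23/ - DIRECT/192.168.1.10 text/html",
    "994291201.730 310 203.0.113.7 TCP_MISS/200 512 GET http://192.168.1.10:80/ - DIRECT/192.168.1.10 text/html",
    "994291202.010 60 203.0.113.7 TCP_MISS/200 3301 GET http://intranet.example.internal/secret/ - DIRECT/intranet.example.internal text/html",
]


def off_origin_requests(log_lines, accel_host, accel_port=80):
    """Return (client, method, host:port) for each request not aimed at the
    accelerated origin; in accelerator-only service that is the only legitimate
    destination, so anything else is the proxy reaching other hosts."""
    origin = f"{accel_host}:{accel_port}".lower()
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 7:
            continue
        client, method, url = fields[2], fields[5], fields[6]
        if method == "CONNECT":          # logged as host:port, no scheme
            target = url.lower()
        else:
            u = urlsplit(url)
            if not u.hostname:
                continue
            port = u.port or (443 if u.scheme == "https" else 80)
            target = f"{u.hostname}:{port}"
        if target != origin:
            hits.append((client, method, target))
    return hits


def scan_candidates(hits, min_ports=3):
    """Clients that touched at least min_ports distinct ports on one host."""
    seen = {}
    for client, _method, target in hits:
        host, _, port = target.rpartition(":")
        seen.setdefault((client, host), set()).add(port)
    return sorted({c for (c, _h), ports in seen.items() if len(ports) >= min_ports})


if __name__ == "__main__":
    print("vulnerable:", audit(VULNERABLE_CONF))
    print("with proxy:", audit(NOT_ACCEL_ONLY_CONF) or "no findings")
    hits = off_origin_requests(SAMPLE_LOG, "www.example.internal", 80)
    print("off-origin:", hits)
    print("scan candidates:", scan_candidates(hits))
```

The config audit only tells you whether the exposed combination is present; on an unpatched build the ACLs are skipped regardless of what http_access says, so the remedy is the package update, after which the trailing 'deny all' is what actually confines clients to the origin. Note that the httpd_accel_* directives belong to Squid 2.x; Squid 2.6 and later replaced them with 'http_port ... accel' and 'cache_peer ... originserver', so this audit applies only to the Squid generation the advisory covers.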

Solution(s)

  • redhat-upgrade-squid
