CVE-2023-46848
Squid: denial of service in ftp
In short
Squid proxy can be forced to crash or stop responding when someone sends specially crafted FTP requests through HTTP. This allows attackers to disrupt service for all users relying on that proxy.
Technical detail
Squid is vulnerable to denial of service via malformed ftp:// URLs that arrive in HTTP request messages or that Squid builds from input on its native FTP relay (the ftp_port listener). An unauthenticated remote attacker can trigger resource exhaustion or a crash through the URL parsing logic, removing availability for every client that depends on the proxy.
Summary generated and translated by AI from the official description.
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
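Until patched packages from the errata below are installed, the exposure described above can be narrowed at the configuration level. The following squid.conf fragment is an added example written for this page; it is not taken from the advisory text shown here, and it assumes a standard squid.conf in which the ACL name `ftp_scheme` is free to use.

```conf
# Added mitigation example (not the project's or the advisory's own text).
# Squid's built-in "proto" ACL type matches the URL scheme of a request, so
# this rule refuses ftp:// URLs arriving over HTTP before they reach the FTP
# handling code. The deny rule must appear BEFORE any http_access allow rules
# that would otherwise admit the request.
acl ftp_scheme proto FTP
http_access deny ftp_scheme

# The native FTP relay is a second input path for ftp:// URLs. If the proxy
# does not need to serve FTP clients directly, do not configure a listener:
# leave any "ftp_port ..." line out of squid.conf (assumption: the relay is
# not required in this deployment).
```

After editing, validate with `squid -k parse` and reload with `squid -k reconfigure`; requests using the ftp scheme will then be logged as denied (TCP_DENIED) in access.log, which also gives a simple way to spot clients still sending them.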
Affected products
squid
Red Hat · Red Hat Enterprise Linux 6
Red Hat · Red Hat Enterprise Linux 7
Red Hat · Red Hat Enterprise Linux 8
Red Hat · Red Hat Enterprise Linux 9
Red Hat · Red Hat Enterprise Linux 9.0 Extended Update Support
References
https://access.redhat.com/errata/RHSA-2023:6266
https://access.redhat.com/errata/RHSA-2023:6268
https://access.redhat.com/errata/RHSA-2023:6748
https://access.redhat.com/security/cve/CVE-2023-46848
https://bugzilla.redhat.com/show_bug.cgi?id=2245919
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w
https://security.netapp.com/advisory/ntap-20231214-0005/