Site icon 지락문화예술공작단

USN-4895-1: Squid vulnerabilities

USN-4895-1: Squid vulnerabilities

Alex Rousskov and Amit Klein discovered that Squid incorrectly handled
certain Content-Length headers. A remote attacker could possibly use this
issue to perform an HTTP request smuggling attack, resulting in cache
poisoning. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-15049)

Jianjun Chen discovered that Squid incorrectly validated certain input. A
remote attacker could use this issue to perform HTTP Request Smuggling and
possibly access services forbidden by the security controls.
(CVE-2020-25097)
Source: USN-4895-1: Squid vulnerabilities

Exit mobile version