CVE-2009-0801

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

CVSS v2.0 5.4 MEDIUM

5.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:H/Au:N/C:C/I:N/A:N

Exploitability : 4.9 / Impact : 6.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.kb.cert.org/vuls/id/435052	Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/33858

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:squid:squid_web_proxy_cache:2.7:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:2.7.stable5:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:2.7.stable6:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre1:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre2:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre3:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable1:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable2:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable3:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable4:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable5:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable6:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable7:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable12:::::::*
	cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable13:::::::*

History

No history.

Information

Published : 2009-03-04 16:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-0801

Mitre link : CVE-2009-0801

CVE.ORG link : CVE-2009-0801

JSON object : View

Products Affected

squid

squid_web_proxy_cache

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2009-0801", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-03-04T16:30:00.170", "references": [{"url": "http://www.kb.cert.org/vuls/id/435052", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/33858", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."}, {"lang": "es", "value": "Squid cuando el modo de interceptaci\u00f3n trasparente est\u00e1 habilitado, utiliza la cabecera HTTP Host para determinar el punto final remoto, esto permite a atacantes remotos evitar los controles de acceso para Flash, Java, Silverlight y puede que otras tecnolog\u00edas y permite que se comunique con sitios de intranet restringidos a trav\u00e9s de una p\u00e1gina Web manipulada que provoca que un cliente env\u00ede solicitudes HTTP con una cabecera Host modificada."}], "lastModified": "2009-06-18T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59B8B26B-B58B-4A84-95BF-A271FEE36F4F"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.7.stable5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47A0A485-9C22-4A1E-9224-F777C8407013"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:2.7.stable6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CC68017-20A2-4519-94AD-1A720692323C"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18A99A70-46CE-4F1F-BC50-A9A32DBB511E"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64F8F1B9-A281-47C0-88EB-417A6A5B9F00"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EECA433-3770-4ADE-8962-181FCC3590E2"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_pre3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28613D22-9E8B-4231-9AC9-523D506A200A"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F8DBB70-1047-451D-9853-8FA404A307FF"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26EBDB74-8847-4FBD-B638-677CFEF6C062"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B4C1903-AE1A-46E1-9095-4656BEA54754"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CE8DDCB-0371-4220-A43E-946153EB02FE"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED179F50-3DCA-4853-875E-BCB684FF1D8E"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BE6BD41-C6DB-442B-9844-9792255EB268"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A29F22EA-DFC8-407D-9A08-0981AFA97A2B"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E1D7E85-BBB6-4D8F-8543-9E0A0068DD74"}, {"criteria": "cpe:2.3:a:squid:squid_web_proxy_cache:3.0_stable13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55F27E45-FD71-46C1-80F9-4A4145DE2A50"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-0801\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/", "lastModified": "2009-03-09T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "cve@mitre.org"}