Squid Buffer Overflow Vulnerability Security Advisory

Published: 2019-11-07

Vulnerability IDs and Severity


CVE ID: CVE-2019-12526; severity: High; CVSS score: not officially rated

CVE ID: CVE-2019-18678; severity: Medium; CVSS score: not officially rated

CVE ID: CVE-2019-18679; severity: Medium; CVSS score: not officially rated


Affected Versions


Squid 3.x through 3.5.28 (inclusive)

All Squid-4.x versions through 4.8 (inclusive)


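Vulnerability Overview


Squid is proxy server and web cache server software. It provides web caching, traffic filtering, proxied Internet access, and related functions.


The Squid project has released security updates that fix multiple vulnerabilities. Among them, CVE-2019-12526 is a high-severity buffer overflow that may lead to remote code execution. Summaries follow: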


CVE-2019-12526


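Due to incorrect buffer management, a remote attacker can exploit this vulnerability by sending a crafted HTTP request to the target server. Successful exploitation may allow the attacker to execute arbitrary code with the privileges of the server process, while an unsuccessful attack causes the server process to terminate abnormally.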


CVE-2019-18678


Due to incorrect message parsing, Squid is vulnerable to HTTP request splitting.


CVE-2019-18679


Due to incorrect data management, Squid discloses information when processing HTTP Digest Authentication.


Vulnerability Verification


No PoC/exploit is available at this time.


Remediation


Upgrade to Squid 4.9: http://www.squid-cache.org/Versions/v4/


Temporary mitigations for each vulnerability are as follows:


CVE-2019-12526


Deny proxying of urn: scheme URIs for all clients:

acl URN proto URN

http_access deny URN


CVE-2019-18679


1. Remove 'auth_param digest ...' from the squid.conf configuration file

2. Build Squid with the --disable-auth-basic option
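
The following is an added example, not part of the original advisory or of Squid itself: a small Python audit that checks a version string against the affected ranges listed above and checks squid.conf text for the two configuration mitigations. The function names, the sample configurations and the helper path in them are constructed for illustration.

```python
import re

def affected(version):
    """True if the version falls in the ranges the advisory lists as affected."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        return False
    parts = tuple(int(g) for g in m.groups() if g)
    if parts[0] == 3:
        return parts <= (3, 5, 28)
    return parts[0] == 4 and parts <= (4, 8)

def audit(conf_text):
    """Check squid.conf text for the advisory's two configuration mitigations."""
    urn_acls, findings = set(), []
    deny_seen = allow_first = digest = False
    for raw in conf_text.splitlines():
        tok = raw.split("#", 1)[0].split()  # drop comments, split directive
        if not tok:
            continue
        if tok[0] == "acl" and len(tok) >= 4 and tok[2] == "proto":
            if any(v.upper() == "URN" for v in tok[3:]):
                urn_acls.add(tok[1])
        elif tok[0] == "http_access" and len(tok) >= 3:
            # Only a deny naming the URN acl alone applies to all clients.
            if tok[1] == "deny" and len(tok) == 3 and tok[2] in urn_acls:
                deny_seen = True
            elif tok[1] == "allow" and not deny_seen:
                allow_first = True  # http_access is ordered: first match wins
        elif tok[:2] == ["auth_param", "digest"]:
            digest = True
    if not deny_seen:
        findings.append("CVE-2019-12526: no unconditional deny on a proto URN acl")
    elif allow_first:
        findings.append("CVE-2019-12526: an allow rule precedes the URN deny")
    if digest:
        findings.append("CVE-2019-18679: auth_param digest is still configured")
    return findings

# Constructed sample configurations (not from any real deployment).
WEAK = """acl localnet src 10.0.0.0/8
http_access allow localnet
acl URN proto URN
http_access deny URN
auth_param digest program /usr/lib/squid/digest_file_auth /etc/squid/passwd
"""
FIXED = """acl URN proto URN
http_access deny URN
acl localnet src 10.0.0.0/8
http_access allow localnet
"""

if __name__ == "__main__":
    print(affected("4.8"), audit(WEAK), audit(FIXED))
```

Distribution packages may carry backported fixes without changing the upstream version number, so a positive version match is a prompt to check the vendor changelog.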


References


http://www.squid-cache.org/Advisories/SQUID-2019_11.txt

http://www.squid-cache.org/Advisories/SQUID-2019_10.txt

http://www.squid-cache.org/Advisories/SQUID-2019_7.txt