UBUNTU-CVE-2019-12524

Source
https://ubuntu.com/security/CVE-2019-12524
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12524.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2019-12524
Related
Published
2020-04-15T19:15:00Z
Modified
2020-04-15T19:15:00Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via urlregex. The handler for urlregex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.

References

Affected packages

Ubuntu:18.04:LTS / squid3

Package

Name
squid3
Purl
pkg:deb/ubuntu/squid3?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.27-1ubuntu1.7

Affected versions

3.*

3.5.23-5ubuntu1
3.5.23-5ubuntu2
3.5.27-1ubuntu1
3.5.27-1ubuntu1.1
3.5.27-1ubuntu1.2
3.5.27-1ubuntu1.3
3.5.27-1ubuntu1.4
3.5.27-1ubuntu1.5
3.5.27-1ubuntu1.6

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "3.5.27-1ubuntu1.7",
            "binary_name": "squid"
        },
        {
            "binary_version": "3.5.27-1ubuntu1.7",
            "binary_name": "squid-cgi"
        },
        {
            "binary_version": "3.5.27-1ubuntu1.7",
            "binary_name": "squid-common"
        },
        {
            "binary_version": "3.5.27-1ubuntu1.7",
            "binary_name": "squid-dbg"
        },
        {
            "binary_version": "3.5.27-1ubuntu1.7",
            "binary_name": "squid-purge"
        },
        {
            "binary_version": "3.5.27-1ubuntu1.7",
            "binary_name": "squid3"
        },
        {
            "binary_version": "3.5.27-1ubuntu1.7",
            "binary_name": "squidclient"
        }
    ]
}

Ubuntu:20.04:LTS / squid

Package

Name
squid
Purl
pkg:deb/ubuntu/squid?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10-1ubuntu1

Affected versions

4.*

4.8-1ubuntu2
4.8-1ubuntu3
4.9-2ubuntu1
4.9-2ubuntu2
4.9-2ubuntu3
4.9-2ubuntu4

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squid"
        },
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squid-cgi"
        },
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squid-cgi-dbgsym"
        },
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squid-common"
        },
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squid-dbgsym"
        },
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squid-purge"
        },
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squid-purge-dbgsym"
        },
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squidclient"
        },
        {
            "binary_version": "4.10-1ubuntu1",
            "binary_name": "squidclient-dbgsym"
        }
    ]
}