Squid Resource Exhaustion Vulnerability

January 4, 2013

Squid is a popular open source proxy server and web cache daemon. It has a wide variety of uses, including sharing network resources, speeding up a web server and aiding network security (by filtering traffic).

A resource exhaustion vulnerability exists in Squid. Specifically, the vulnerability is due to lack of sanitation of user supplied parameters sent to Squid's cache manager "cachemgr.cgi". A remote attacker could exploit this vulnerability by sending crafted HTTP requests to the Squid server. Successful exploitation allows the attacker to cause a memory exhaustion, leading to a denial of service condition.

The vulnerability has been assigned as CVE-2012-5643.

Dell SonicWALL has released an IPS signature to detect and block specific exploitation attempts targeting this vulnerability. The signature is listed below:

  • 9450 Squid cachemgr.cgi DoS