CVE-2020-15810

Priority
Description
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to
incorrect data validation, HTTP Request Smuggling attacks may succeed
against HTTP and HTTPS traffic. This leads to cache poisoning. This allows
any client, including browser scripts, to bypass local security and poison
the proxy cache and any downstream caches with content from an arbitrary
source. When configured for relaxed header parsing (the default), Squid
relays headers containing whitespace characters to upstream servers. When
this occurs as a prefix to a Content-Length header, the frame length
specified will be ignored by Squid (allowing for a conflicting length to be
used from another Content-Length header) but relayed upstream.
Assigned-to
mdeslaur
Notes
Package
Source: squid (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):released (4.10-1ubuntu1.2)
Ubuntu 20.10 (Groovy Gorilla):released (4.13-1ubuntu1)
Patches:
Upstream:http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_10.patch
Upstream:https://github.com/squid-cache/squid/commit/9c8e2a71aa1d3c159a319d9365c346c48dc783a5
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
More Information

Updated: 2020-09-18 04:39:51 UTC (commit 138a3b00836060d8cce6678d1a23781391e3219f)