Squid Heap Buffer Overflow Vulnerability in URN Handling Allowing Remote Code Execution

Vulnerability

A heap buffer overflow vulnerability has been identified in Squid versions through 6.3. The issue arises from improper buffer management when processing URN responses, creating the potential for remote code execution. A remote server can trigger the overflow by sending URN responses that could include sensitive information such as security credentials. The problem has been addressed in Squid version 6.4.

Impact

Exploitation of this vulnerability leads to a heap buffer overflow, with the possibility of remote code execution.

Reproduction

The vulnerability can be reproduced by configuring a Squid proxy to handle URN requests. When a URN response is received from a remote server, the improper buffer management can be exploited, leading to a heap buffer overflow.

Remediation

Users can upgrade to Squid version 6.4, where this vulnerability has been fixed. For those using a prepackaged version of Squid, please check with the package vendor for availability of the updated version.

Added: Aug 1, 2025, 6:52 PM
Updated: Aug 1, 2025, 6:52 PM

Vulnerability Rating

Custom Algorithm

Metric          Score
spread            6.8
impact           10.0
exploitability    8.8
remediation       7.9
relevance         0.3
threat            5.0
urgency           2.9
incentive        10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.