55 Vulnerabilities Found in Squid Proxy Server, 35 Still Unpatched

The results of an independent safety audit of an open caxy server, Squid, held in 2021 have been published. During the check of the project’s code base, 55 vulnerabilities were identified, with 35 problems still not fixed by developers (0-day vulnerabilities). The developers of Squid were notified about these issues two and a half years ago but failed to address them. Consequently, the author of the audit decided to disclose the information without waiting for all the problems to be resolved and had previously communicated this to the Squid developers.

Among the vulnerabilities discovered during the audit, the following are notable:

VulnerabilityDescription
Stack OverflowImplementation of Hash’s authentication allows a stack overflow, which occurs when processing HTTP Proxy-Authorization Header with an excessively large value for the Digest NC field.
Memory Access After ReleaseMemory access after release occurs when making requests with the trace method.
Memory Access After ReleaseMemory access after release when processing HTTP checks with the “Range” header (CVE-2021-31807).
Stack OverflowStack overflow when processing the http-heading x-forwarded-for.
/Reports, release notes, official announcements.