SA-2023-111 - Squid URN request creates HTTP reque... - Extreme Networks - 98138

Summary

Squid encountered an issue when handling a URN request; a corresponding HTTP request was made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers; e.g., an attacker can connect to HTTP servers that only listen on localhost.

Products Potentially Affected

OS/Product	Exposure
IQ Engine (HiveOS)	Yes

Repair Recommendations

IQ Engine (HiveOS): Pending.

Please see the full security advisory article here for more details and updates.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Popular Articles

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)

GTM-P2G8KFN