CVE-2012-2213

McAfee Web Gateway And Squid Proxy 3.1.19 Bypass

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a vulnerable system, and the observed behavior is consistent with a squid.conf file that was (perhaps inadvertently) designed to allow access based on a "req_header Host" acl regex that matches www.uol.com.br

** EN DISPUTA ** Squid v3.1.9 permite a atacantes remotos evitar la configuración de acceso para el método CONNECT, proporcionando un nombre de host arbitrario en la cabecera 'host HTTP'. NOTA: este problema no puede ser reproducible, porque el investigador es incapaz de proporcionar un archivo squid.conf de un sistema vulnerable, y el comportamiento observado es consistente con un archivo squid.conf que fue (tal vez sin darse cuenta), diseñado para permitir el acceso basado en una expresión regular de ACL "host req_header" que coincide con www.uol.com.br.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2012-04-06 CVE Reserved
2012-04-13 CVE Published
2024-09-16 CVE Updated
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-264: Permissions, Privileges, and Access Controls

CAPEC

References (6)

URL	Tag	Source
http://archives.neohapsis.com/archives/bugtraq/2012-04/0117.html	Mailing List
http://archives.neohapsis.com/archives/bugtraq/2012-04/0131.html	Mailing List
http://archives.neohapsis.com/archives/bugtraq/2012-04/0140.html	Mailing List
http://archives.neohapsis.com/archives/bugtraq/2012-04/0146.html	Mailing List
http://archives.neohapsis.com/archives/bugtraq/2012-04/0163.html	Mailing List
http://archives.neohapsis.com/archives/bugtraq/2012-04/0165.html	Mailing List

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Squid-cache Search vendor "Squid-cache"		Squid Search vendor "Squid-cache" for product "Squid"				3.1.9 Search vendor "Squid-cache" for product "Squid" and version "3.1.9"		-		Affected