CVE-2019-18679

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.

Published: Nov 26, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-18679
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
squid-cache / squid	2.7-stable3	2.7-stable3.x
squid-cache / squid	2.7-stable4	2.7-stable4.x
squid-cache / squid	2.0	2.7.x
squid-cache / squid	3.0	3.5.28.x
squid-cache / squid	4.0	4.8.x
squid-cache / squid	2.7-stable2	2.7-stable2.x
squid-cache / squid	2.7-stable5	2.7-stable5.x
squid-cache / squid	2.7-stable6	2.7-stable6.x
squid-cache / squid	2.7-stable7	2.7-stable7.x
squid-cache / squid	2.7-stable8	2.7-stable8.x
squid-cache / squid	2.7-stable9	2.7-stable9.x
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	18.04	18.04.x
canonical / ubuntu_linux	19.04	19.04.x
canonical / ubuntu_linux	19.10	19.10.x
debian / debian_linux	8.0	8.0.x
fedoraproject / fedora	30	30.x
fedoraproject / fedora	31	31.x

Vulnerability Database

289,599

CVE-2019-18679