CVE-2019-18679

HIGH

Squid 2.x-4.x < 4.8 - Information Disclosure via HTTP Digest Authentication Nonce Tokens

Title source: llm
STIX 2.1

Description

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.

References (11)

Core 11
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/squid-cache/squid/pull/491
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.suse.com/show_bug.cgi?id=1156324
Third Party Advisory x_refsource_confirm
http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4213-1/
Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202003-34
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2020/dsa-4682
Mailing List mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html

Scores

CVSS v3 7.5
EPSS 0.4413
EPSS Percentile 97.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (9)
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 19.04
canonical/ubuntu_linux 19.10
debian/debian_linux 8.0
fedoraproject/fedora 30
fedoraproject/fedora 31
squid-cache/squid 2.7 stable2 (8 CPE variants)
squid-cache/squid 2.0 - 2.7
Published Nov 26, 2019
Tracked Since Feb 18, 2026