CVE-2019-18679

{"id": "CVE-2019-18679", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-11-26T17:15:13.047", "references": [{"url": "http://www.squid-cache.org/Advisories/SQUID-2019_11.txt", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1156324", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/squid-cache/squid/pull/491", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/", "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/202003-34", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/4213-1/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2020/dsa-4682", "source": "cve@mitre.org"}, {"url": "http://www.squid-cache.org/Advisories/SQUID-2019_11.txt", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1156324", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/squid-cache/squid/pull/491", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00011.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/202003-34", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/4213-1/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.debian.org/security/2020/dsa-4682", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Squid versiones 2.x, 3.x y versiones 4.x hasta 4.8. Debido a una gesti\u00f3n de datos incorrecta, es vulnerable a una divulgaci\u00f3n de informaci\u00f3n cuando se procesa HTTP Digest Authentication. Los tokens Nonce contienen el valor de byte sin procesar de un puntero que se encuentra dentro de la asignaci\u00f3n de memoria heap. Esta informaci\u00f3n reduce las protecciones de ASLR y puede ayudar a atacantes a aislar \u00e1reas de memoria para apuntar ataques de ejecuci\u00f3n de c\u00f3digo remota."}], "lastModified": "2024-11-21T04:33:31.133", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "466DF174-7C87-4D0E-B10D-F3F88014D9F5", "versionEndIncluding": "2.7", "versionStartIncluding": "2.0"}, {"criteria": "cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC9F2659-B37B-4E7B-AE40-B91BF3CE4E88", "versionEndIncluding": "3.5.28", "versionStartIncluding": "3.0"}, {"criteria": "cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A278895E-7005-4F4B-8649-A013F60E33D4", "versionEndIncluding": "4.8", "versionStartIncluding": "4.0"}, {"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFBB466C-C679-4B4B-87C2-E7853E5B3F04"}, {"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A03692DD-779F-4E3C-861C-29943870A816"}, {"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79FF6B3C-A3CE-4AA2-80F9-44D05A6B2F08"}, {"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CF6E367-D33B-4B60-8C40-4618C47D53E8"}, {"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FA1F4FE-629C-4489-A13C-017A824C840F"}, {"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2479C5BF-94E1-4153-9FA3-333BC00F01D6"}, {"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ABFCCCC-7584-466E-97CC-6EBD3934A70E"}, {"criteria": "cpe:2.3:a:squid-cache:squid:2.7:stable9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F17E49BF-FB11-4EE6-B6AC-30914F381B2F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}