client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ubuntu_linux | Canonical | 12.04 (including) | 12.04 (including) |
Ubuntu_linux | Canonical | 14.04 (including) | 14.04 (including) |
Ubuntu_linux | Canonical | 15.10 (including) | 15.10 (including) |
Ubuntu_linux | Canonical | 16.04 (including) | 16.04 (including) |